IT Audit Specialist - Mumbai Metropolitan Region, India - Corphive

Description

The digital revolution presents both opportunities and challenges. New technologies like biometric authentication, mobile banking, and cloud computing demand heightened focus on cybersecurity and data privacy. Our new digital banking initiative prioritizes innovative products and services while delivering a secure and seamless banking experience.

Within the Bank, IT Audit is leading the way in auditing the future of banking. Our team covers digital banking systems, IT infrastructure, and cybersecurity. You will be responsible for executing IT audit projects.

Key Accountabilities

• Participate in audits of Bank's digital banking landscape, including both ongoing operations and development projects.
• Assess key IT infrastructure processes, such as system/network security management and IT operations.
• Evaluate the adequacy of Bank's cybersecurity defenses and operations.
• Execute assigned audits efficiently, communicate findings, and propose recommendations.
• Identify and assess potential risks in digital banking initiatives, considering current regulations and evolving technology.
• Advise and promptly inform leadership of major risk, control, and regulatory issues.
• Establish and maintain relationships with stakeholders.
• Define and develop continuous auditing scenarios for digital banking.
• Contribute to knowledge sharing within the team.
• Continuously develop your professional skills and knowledge in technology.

Requirements

• Experience: 5-9 years in information systems auditing, information security, or technology risk management (experience in banking & financial services preferred).
• Technical Knowledge:Digital banking channels (internet, mobile, Wi-Fi)
• Multi-channel distribution and convergence
• Mobile application development and testing
• Cybersecurity (malware, attacks, defenses, network security architecture, vulnerability assessment/penetration testing)
• Infrastructure security and processes
• Network device security (firewalls, intrusion detection systems, VPNs, wireless, switches, routers)
• System & database platforms (Windows, Unix, Mainframe, Oracle, MS SQL, DB2)
• IT processes and standards (data center operations, change management, security events & incident monitoring, system configuration baseline controls, endpoint security, data loss prevention, authentication & access management)
• Risk assessment frameworks (PCI-DSS, ISO-27001, COBIT)
• Emerging technologies (cloud computing, biometrics, mobile platforms)
• Non-Technical Skills:Excellent communication (written and spoken)
• Team player with ability to work effectively in cross-functional teams
• Business analyst skills
• Banking product domain knowledge acquisition (treasury, markets, securities, finance, risk management, Islamic banking, institutional banking, global transactions, consumer banking, wealth management)
• User requirements understanding
• Application release functionality validation
• Security/control design assessment
• Regulatory compliance (technology)
• Data analytics
• Risk assessment (probability and impact of internal control weaknesses)
• Application development knowledge (agile project management, mobile application development)
• Education: Degree in Information Technology or equivalent (postgraduate degree preferred)
• Certifications: Minimum 2-3 of the following: CISA, CISSP, SANS, CEH, ISO27001, NIST