Technology Audit Strategy - Mumbai, India - IDFC FIRST Bank

    IDFC FIRST Bank
    IDFC FIRST Bank Mumbai, India

    Found in: Talent IN 2A C2 - 1 week ago

    IDFC FIRST Bank background
    Description

    Department Overview:

    The Technology Audit team is part of Internal Audit function of IDFC FIRST Bank. As a Third line of defense, the function has responsibility to provide independent assurance to internal and external stakeholders. As Bank's operations are increasingly computerized, Technology audits must ensure that IT related controls, processes and its governance is effective. The primary objective of Technology audits includes:

    • Ensure IT systems and processes are compliant with internal standard/policies and regulatory requirements.
    • Evaluate security and resiliency of IT systems and processes in place.
    • Determine risks to a company's information assets and help identify methods to minimize those risks.

    Key Responsibilities:

    • Primary responsibility is to analyze open audit observations and drive its appropriate & timely remediation for the IT & Cyber Security Audit Unit. To that end:
    • Ensure audit observations are closed with appropriate validation and on time.
    • Maintain closure documentation with appropriate details/evidence for future reference or scrutiny by external parties.
    • Follow-up with stakeholders on overdue/approaching due date observations and escalate to senior management/CXO as appropriate.
    • Identify and implement new initiatives or opportunities to expedite remediation of open audit observations with enhanced quality and agility.
    • Identify learnings from remediation and provide feedback/trends to audit leads as part of continuous improvement.
    • Ability to work independently and liaise with senior management/CXOs to drive closure.
    • Publish periodic MIS to stakeholders and conduct regular discussion to understand challenges.
    • Identify opportunities to add value beyond defined the scope specifically in cyber security and emerging technology like cloud, devops.
    • Develop digitisation of the audit process using data and data analytics, automation, technologies such as AI and ML and continuous auditing for IT environment.
    • Maintain understanding of the industry market and regulatory requirement, business activities, key development in Bank's IT environment and assess its impact to IA.
    • Develop relationship cross-functionally within IA and across the bank, primarily in IT, IT governance and ISG.
    • Timely delivery of internal and external submission, including regulatory and board.
    • Identify and organize skill enhancement session for technology auditors.
    • Execute audit occasionally to understand ground challenges.
    • Support ad-hoc request related to audit delivery, internal/external submission.

    Skills & Experience Required:

    • Relevant experience 10+ years.
    • Prior position of IT Governance / IT Audit / IT risk management in consulting firm/ banking domain.
    • Excellent interpersonal skills to interact with senior management, CXOs.
    • Strong knowledge of Cyber Security and internal control environments within the IT function.
    • Well versed with RBI regulations and assessment of their compliance.
    • Conversant with latest technologies and trends like DevOps, AI/ML, SIEM/SOAR, Cloud.
    • Creative thinking, thinks outside of the box.
    • Ability to solve complex problems and confident in sharing view/opinions.
    • Good written and verbal communication skill.
    • Collaborative work style, can work with individuals of all levels.

    Educational Qualifications: BE / B.Tech / MCA in IT-related field; Master's degree would be an advantage.

    Certifications: CISA / CISSP / CISM / CEH / CRISC / Cloud certifications or any other equivalent.