Reporting to Group Head of Internal Audit, the IA manager role will be responsible for all aspects of audit and assurance for our IT/Security and Cloud Business.
The role will perform end-to-end independent risk assessments and audit reviews (both governance and technical) and will provide written reports to operational and executive management.
The role will also provide advisory and consulting services related to security (product, application, infrastructure etc.)
- Independently perform complex end-to-end IT/Cloud/Information Security audits from initiation / risk assessment, planning, development of Work program and execution, and reporting.
- Perform monthly issue follow-up with stakeholders and report on management remediation actions completed on time.
- Develops and drives initiatives that improve controls and compliance.
- Develop and maintain trusted relationship with key stakeholders
- Advise business on various security aspects
- Provide assurance and consulting to executive leaders
- Skilled in advisory role for operational teams and internal team members.
SKILLS - Ability to travel to global location (up to 20% of time) to drive and perform IT/Cloud/Information security audit reviews (travel at global location require: clean background check, COVID vaccination and valid passport).
- Bachelor s Degree in IT, Business Information systems or related areas.
- At least 10 years of progressive experience in information security.
- At least 5 year internal/external auditing experience.
- Knowledge of either Microsoft Azure or AWS and its security.
- Hands on experience with securing/auditing cloud infrastructure applications.
- Familiarity with security tools (Splunk, LogRhythm, Crowdstrike, Symantec etc).
- Certifications like CCAK, CISA, CISSP, CRISC, CEH etc.
- Familiarity with various control and certification frameworks (CCAK, ISO, CSA, PCI, SOC, etc.)
- Good understanding of various SDLCs, CI/CD and security governance models.
- Analytical, with attention to detail yet able to summarize and present in business language.
- Effective communication orally and in written format. Experience and ability to write high impact audit reports for executive readers and conduct discussions with them.
- Ability to initiate positive change in different cultures.
- Must feel comfortable working remotely on his/her own with little supervision.
- Exposure to global business environment and various work cultures.
- Knowledge of AWS and its security
- Experience with Security Operations Centres
- Experience in the banking or security/intelligence industry
- Knowledge of cloud service models and the outsourcing of financial services.
- Timely and Quality audit reports.
- Risks mitigated
- Team Satisfaction (measured through annual performance appraisal).
