The role bearer has the responsibility to independently manage internal audits for the bank as assigned. It entails taking complete ownership of the process - creating checklists, conducting audits as per the defined timelines, publishing the audit reports and preparing for presentations to be conducted quarterly. The role bearer has to adhere by the guidelines set by the bank for audit reports - making the audit process more efficient contributing to the larger objectives of the bank.
Roles & Responsibilities:
- Analyze open audit observations and drive its appropriate & timely remediation for the IT & Cyber Security Audit Unit.
- Ensure audit observations are closed with appropriate validation and on time.
- Maintain closure documentation with appropriate details/evidence for future reference or scrutiny by external parties.
- Follow-up with stakeholders on overdue/approaching due date observations and escalate to senior management/CXO as appropriate.
- Identify and implement new initiatives or opportunities to expedite remediation of open audit observations with enhanced quality and agility.
- Identify learnings from remediation and provide feedback/trends to audit leads as part of continuous improvement.
- Ability to work independently and liaise with senior management/CXOs to drive closure.
- Publish periodic MIS to stakeholders and conduct regular discussion to understand challenges.
- Identify opportunities to add value beyond defined the scope specifically in cyber security and emerging technology like cloud, devops.
- Develop digitisation of the audit process using data and data analytics, automation, technologies such as AI and ML and continuous auditing for IT environment.
- Maintain understanding of the industry market and regulatory requirement, business activities, key development in Bank s IT environment and assess its impact to IA.
- Develop relationship cross-functionally within IA and across the bank, primarily in IT, IT governance and ISG.
- Timely delivery of internal and external submission, including regulatory and board.
- Identify and organize skill enhancement session for technology auditors.
- Execute audit occasionally to understand ground challenges.
- Support ad-hoc request related to audit delivery, internal/external submission.
Education Qualification:
Graduation: BE / B.Tech
Post-graduation: Mtech / MCA in IT-related field
Certification: CISA / CISSP / CISM / CEH / CRISC / Cloud certifications or any other equivalent.
Experience: 10 to 18 years of relevant experience in IT.