Cybersecurity & Technology Controls Audit Associate

As an experienced audit professional with our Information Technology audit team, you will be responsible for assisting with ongoing risk assessment, control identification, audit execution, and continuous monitoring activities across firm-wide cybersecurity functions. The team collaborates closely with the Line of Business Audit team to ensure consistent coverage of cybersecurity controls. Ideal candidates for this position possess knowledge of various cybersecurity functions such as cybersecurity operations, attack simulation (red team, blue team), vulnerability management, cybersecurity tools/processes across network, endpoints, cloud environments, and cyber threat modeling. Additionally, candidates should have audit and risk skills to effectively execute global cybersecurity audits. This role reports locally to the Audit Lead in India and functionally to the Audit Director globally. You will be responsible for executing global cybersecurity audit engagements, including risk assessments, audit planning, audit testing, control evaluation, audit report drafting, follow-up, and verification of issue closure. Participation during audit engagements is crucial, including performing timely reviews and providing constructive feedback. Meeting deliverable deadlines, adhering to department and professional standards, utilizing consistent methodology, and effectively communicating audit findings to management are essential aspects of this role. Building and maintaining relationships with senior cybersecurity team stakeholders, engaging in a culture of value addition, and coordinating proactively with Global Corporate Sector auditors and Line of Business Audit teams are key responsibilities. Staying updated with evolving industry and regulatory developments and finding ways to drive efficiencies in the audit process through automation are also part of the role. Required qualifications, capabilities, and skills for this position include a minimum of 3 years of cybersecurity with internal/external auditing experience, familiarity with core cybersecurity operations and one or more cybersecurity tools/process areas, a Bachelor's degree (or relevant financial services experience), and demonstrated knowledge of technology processes such as change management, security operations, technology operations, and business resiliency. Ability to multitask, execute audit activities with minimal supervision, strong analytical skills, proficiency in risk analysis and report preparation, flexibility, strategic thinking, leadership skills, and strong partnerships across technology and business teams are also required. Excellent verbal and written communication skills, enthusiasm, self-motivation, effectiveness under pressure, and willingness to take personal responsibility and accountability are further essential traits. Preferred qualifications, capabilities, and skills include a professional certification (e.g., CISA, CISM, CISSP, CEH, GIAC, etc.) or a willingness to pursue such certification.,