General Manager (Is Audit) : Contractual Post

RECRUITMENT OF SPECIALIST CADRE OFFICER ON CONTRACT BASIS

ADVERTISEMENT NO: CRPD/SCO/2025-26/05 (REVISED)

In continuation with Advt no. CRPD/SCO/2025-26/05 Dated 11.07.2025

ONLINE REGISTRATION OF APPLICATION & PAYMENT OF FEES: FROM 15.09.2025 TO 29.09.2025

Online application was invited for recruitment of Specialist cadre officers for 3 posts vide advertisement number CRPD/SCO/2025-26/05 dated 11.07.2025 (Registration dates from 11.07.2025 to 07.08.2025). Final Select List for Regular post Dy. Manager (IS Audit) published on 05.09.2025.

It has now been decided to re-open the registration window in respect of 2 posts {GM (IS Audit) & AVP (IS Audit)} from 15.09.2025 to 29.09.2025.

Candidates who have earlier registered for the post of GM (IS Audit) or AVP (IS Audit) from 11.07.2025 to 07.08.2025, need not apply again as their earlier applied applications will be considered, however candidates who have not applied earlier for any of the above post may apply with revised eligibility criteria)

State Bank of India invites Online applications from eligible Indian citizens for appointment to the Specialist Cadre Officers Posts on Contract

1. 1. The process of Registration is complete only when fee is deposited with the Bank through online mode on or before the last date for paymentof fee / last date of online registrations.2. Before applying, candidates are requested to ensure that they fulfil the eligibility criteria for the Post(s) as on the date of eligibility.3. Candidates are required to upload all required documents (resume, ID proof, age proof, PwBD Certificate (if applicable), educationalqualification, certifications, experience, Biodata etc.) failing which their application/candidature will not be considered for shortlisting/ interview.4. The process of Short-listing will be provisional and without verification of documents. Candidature will be subject to verification of all details/documents with the original when a candidate reports for interview (if called).5. In case a candidate is called for interview and is found not satisfying the eligibility criteria (Age, Educational Qualification and Experience etc.)he/ she will neither be allowed to appear for the interview nor be entitled for reimbursement of any travelling expenses.6. Candidates are advised to check Banks official website https://bank.sbi/web/careers/current-openings regularly for details and updates(including the list of shortlisted/ selected candidates). The Call (letter/ advice), where required, will be sent by e-mail only (NO HARD COPY WILL BE SENT).7. ALL REVISIONS/ CORRIGENDUM (IF ANY) WILL BE HOSTED ON THE BANKS WEBSITE ONLY.8. In case more than one candidate scores same marks as cut-off marks in the final merit list (common marks at cut-off point), such candidateswill be ranked in the merit according to their age in descending order.9. Hard copy of application & other documents need not to be sent to this office.10. TEACHING & TRAINING EXPERIENCE WILL NOT BE COUNTED FOR ELIGIBILITY.

I) DETAILS OF POST / VACANCY / AGE CRITERIA / REMUNERATION /PLACE OF POSTINGS / NATURE OF

ENGAGEMENT / SELECTION PROCESS:

(A) NAME OF THE POST (S): GENERAL MANAGER (IS AUDIT) : CONTRACTUAL POST

Vacancies (Contractual): 01

Cut-off date: Age in years

Annual CTC Range**:

Suggested Place of posting

Contract Period

Selection Procedure:

Basic Education Qualifications

Essential: B.E/B. Tech in (Computer Science/ Computer Science & Engineering/ Information Technology / Information Security/ Electronics/ Electronics & Communications Engineering/ Software Engineering or equivalent degree in above specified discipline) OR

MCA or M. Tech/ M.Sc. in (Computer Science/ Computer Science & Engineering/ Information Technology/Information Security/ Electronics/ Electronic & Communications Engineering or equivalent degree in above specified discipline) from a University/ Institution/ Board recognized by Govt of India/ approved by Govt Regulatory Bodies

Other Qualifications: (As on 30.06.2025)

Essential

1. CISA (Certified Information Systems Auditor) by ISACA USA

(The above certificate is Mandatory and should be valid as on the date of interview)

Desirable

1. ISO 27001 Lead Auditor by NABCB (National Accreditation Board for Certification Bodies)
2. CEH (Certified Ethical Hacker) by ECCouncil USA
3. CISSP (Certified Information Systems Security Professional) by ISC2
4. MBA from recognized institute / university.

Experience (Post Basic Education qualifications) (As on 30.06.2025)

• Essential Experience: Minimum 15 years experience in BFSI / IT / Information Security Consultancy on IS Audit /
• Cyber Security Audit, out of which minimum 10 years experience in leadership role.
• Preferred Experience: Experience in handling Red Team exercise / VA-PT preferred.
• Training & Teaching experience will not be counted for eligibility.
• The experience mentioned / claimed should be supported by a suitable certificate / letter issued by the concerned employer.

Specific Skills (Preferred):

• Experience in VAPT tools like Nessus, Retina, SAINT and Kali Linux and other system tools.
• Experience in implementing Regulatory / CERT-In advisories and guidelines in IS Audit/ Cyber Security Audit.
• Knowledge of Data Privacy Standards.
• Experience in assessing the Supply Chain Cyber Risk during vendor audit.

DETAILS OF JOB PROFILE (DETAILED DESCRIPTION OF ROLE, RESPONSIBILITIES & FUNCTION) AND KEY RESPOSIBILITY AREA:

GENERAL MANAGER (IS AUDIT)

Job Profile

Roles & Responsibilities)

1. Ensuring conduct of IS Audit, Cyber Security Audit, IS Concurrent Audit, IT Outsourced Activities Audit as a part of Audit team.
2. Periodical review of audit value statements for Information System, Cyber Security, IS Concurrent Audit & ITOutsourced Activity Audit.
3. Ensuring availability of updated technical checklist for Network equipments, Servers, various Operating Systems etc. for conduct of IS Audit.
4. Arranging audits to verify compliance of Banks Information Security, IT and Cyber Security Policy, RBI guidelines and with International Best Practices.
5. Managing the Co-sourced audits by IS Audit Organisations (ISAO) as per regulatory/special requirements.
6. Ensuring maintenance of professional competence to ensure relevant and reliable information.
7. Appraising the Management and Board on security posture of Bank and recommend remedial controls.
8. Coordinating with CISO team and IT departments through periodical structured meetings.
9. Demonstrate the audit function and compliance status to RBI-IT Examination team.
10. Ensuring compliance to the regulatory and government directives, alerts and guidelines from NCIIPC, CERT-In, DFS and MeitY.
11. Implementation of Near Real Time IS Concurrent Audit at SOC Operation, ISD and for Protected assets identified by NCIIPC.
12. Creation and implementation of Audit Framework for conducting audit of AI platform/ systems .
13. Selection and implementation of audit tools for Information System audit, IS Concurrent Audit, Digital Logs and Digital Process audit.
14. Extending support and guidance for Information System Audit area in Risk Focussed Internal Audit for IT departments.
15. Review the observations and compliance status of IS Audit of branches and recommend the remedial measures.
16. Ensure automation of end-to-end process of Information System, Cyber Security, IS Concurrent Audit and ITOutsourced Activity audits.

ACTIVITIES: Coordinate with GM (RFlA. lT & Digital Audit) for evaluating the security posture of the IT GITC

KEY INTERACTIONS:

1. Coordinate with ISD and IT GITC departments for smooth conduct of the audit
2. Coordinate with IT-PR department, IT GITC departments for preparing and quarterly review of audit plan.

MEASURES of SUCCESS: Improvement in compliance culture and overall risk maturity.

1. Roles Responsibilities, Activities, key Interactions mentioned above are illustrative. Roles Responsibilities, Activities, key Interactions in addition to the above mentioned may be assigned by the Bank from time to time.
2. KRAs for the Post Annual review of Policy and Manual for Information System Audit and Cyber Security Audit, IS Concurrent Audit and IT-Outsourced Activities Audit.
3. Finalization of Annual Audit Plan for Information System Audit and Cyber Security Audit, IS Concurrent Audit and IT-Outsourced Activities Audit, obtain internal approvals and submit to Board.
4. Ensure periodical submission of MIS and memoranda to Board/ Committee.
5. On-going review of Audit Value Statements for the for-Information System Audit and Cyber Security Audit, IS Concurrent Audit and IT-Outsourced Activities Audit based on Government / regulatory guidelines.
6. Ensure timely compliance to RBI CSITE/ RAR /RMP observations
7. Ensure timely compliance to Board Level Strategy Meet/ CENMAC/Board meetings observations/actionable.
8. Compliance to Government directives / guidelines from Cert-In,DFS, MeitY
9. Ensure completion of audits as per Annual Plan and closure of IS Audit Reports in time.
10. Ensure quality of IS Audit Reports
11. Quarterly structure meetings with Global IT Centre (GITC) and ISD.
12. Upskilling of Auditors through participation in Training programmes, Conferences, Seminars and Annual Meetings.
13. Ensure evaluation of Third-Party Risk in IT based on regulatory and Bank guidelines

Remarks: :

KRAs shall be assigned on joining. Job Profile mentioned above are illustrative. Role/Jobs in addition to the

above mentioned may be assigned by the Bank from time to time for the above posts.

CTC Negotiation, for GM (IS AUDIT):

HOW TO APPLY:

GUIDELINES FOR FILLING ONLINE APPLICATION

1. i. Candidates will be required to register themselves online throughthe link available on SBI website https://bank.sbi/web/careers/current-openings and pay the application fee using Internet Banking/ Debit Card/ Credit Card etc.ii. Candidates should first scan their latest photograph and signature.Online application will not be registered unless candidate uploads his/ her photo and signature as specified on the online registration page (under How to Upload Documents).iii. Candidates should fill the application carefully. Once application is filled-in completely, candidate should submit the same. In the event of candidate not being able to fill the application in one go, he can save the information already entered. When the information/ application is saved, a provisional registration number and password is generated by the system and displayed on the screen. Candidate should note down the registration number and password. They can re-open the saved application using registration number and password and edit the particulars, if needed. This facility of editing the saved information will be available for three times only. Once the application is filled completely, candidate should submit the same and proceed for online payment of fee.iv. After registering online, the candidates are advised to take a printout of the system generated online application forms.v. Candidates seeking Age relaxation are required to submit copies of necessary certificates at the time of joining. No change in category of any candidate is permitted after registration of online application.i. Application fees and Intimation Charges (Non-refundable) is 750/- ( Seven Hundred Fifty only) for General/EWS /OBC candidates and no fees/intimation charges for SC/ ST/ PwBD candidates.ii. After ensuring correctness of the particulars in the application form, candidates are required to pay the fees through payment gateway integrated with the application. No change/ edit in the application will be allowed thereafter.iii. Fee payment will have to be made online through payment gatewayavailable thereat. The payment can be made by using Debit Card/ Credit Card/ Internet Banking etc. by providing information as asked on the screen. Transaction charges for online payment, if any, will be borne by the candidates.iv. On successful completion of the transaction, e-receipt and application form, bearing the date of submission by the candidate, will be generated which should be printed and retained by the candidate.v. If the online payment of fee is not successfully completed in first instance, please make fresh attempts to make online payment.vi. A provision is there to reprint the e-Receipt and Application form containing fee details, at later stage.vii. Application Fee once paid will NOT be refunded on any account NOR can it be adjusted for any other examination or selection in future.