IS AUDIT LEAD

As a member of the Internal Audit Business Unit in the Information Security Audit Department, you will be responsible for conducting various Information Security audits across all technology segments. Your expertise in Cloud Security, Cyber Security, Security Operations and Surveillance, Information security, and privacy controls, as well as Banking Technologies, will be essential for this role. Your core responsibilities will include conducting IS audits encompassing ITGC controls, VA, PT, APPSEC, NSAR, CA, BCP, DR, Cloud Security, Cyber Security, Security Operations and Surveillance, Information security and privacy controls, IT Processes Data Centre Operations, identity and Access Management, Change Management, Incident Management, and more. You will also assist in implementing risk-based audit plans to ensure the safety and soundness of the Bank while ensuring timely completion of assigned audits and documentation of work papers. Additionally, you will be expected to provide improvement suggestions to existing processes/systems, keep Audit Procedure Manual and checklists updated, define performance goals in collaboration with the reporting manager, and take ownership of your learning agenda by identifying and bridging development needs. Staying updated on relevant professional/industry developments, regulatory requirements, and new techniques through continued education and professional networks will be crucial for your role. In terms of risk and internal control responsibilities, you will follow risk policies and processes to mitigate operational, regulatory, financial, informational, reputational, and audit risks. You will execute established internal control systems, compile relevant information for departmental audits, and possess strong presentation skills along with a good working knowledge of applicable regulatory compliances. Your technical competencies should include ITGC Controls, Risk assessments, VA, PT, APPSEC, NSAR, CA, Information Security standards ISO 27001, BCP and DR, Cloud Security, Cyber Security, Security Operations and Surveillance, Information security and privacy controls, and Banking Technologies. Possessing certifications such as CISA is mandatory, and CISSP, CRISC are desirable for this role.,