More than 10 years of experience in banking domain with the last 5 years till current is in IT Tech Risk/IT Tech Control or IT Compliance capacity
• Working Knowledge of IT security, Risk Management and Security Control and experience in designing IT test steps to determine IT control effectiveness
Certification (either of the following)
• Certified Information Security Auditor (CISA)
• Certified Risk and Information Systems Control (CRISC)
• ISO27001 Certified auditor
Responsibility:
• Establish and upkeep the list of Checklists on IT Operations, Technology Projects and IT Security with respect to the current processes/procedures defined.
• Plan and initiate IT Controls Checking Assignment with stakeholders and process owners in accordance with the IT Controls Objectives.
• Highlight areas of non-compliance and ensure required mitigation by teams
• Understand overall IT risk profile to identify and prioritize areas of improvement/ risk mitigation to define an improvement/ mitigation roadmap
• Engage with stakeholders to socialize/ plan out the roadmap and form core teams for mitigation
• Proactively identify and escalate any delays/ risks for timely resolution
