Location: Mumbai, Maharashtra, India

Job Summary

 

As an India Branch Technology Audit Associate within Internal Audit Team you will be executing technology audits across Asia and globally. 

You will be responsible for assessing the adequacy of the control environments with a special focus on addressing the regulatory requirements across all of the businesses. You also will be responsible for maintaining effective relationships with key technology stakeholders throughout the audit lifecycle and for continuous monitoring purposes. This role provides an opportunity to apply your auditing and communication skills, as well as your knowledge and experience of auditing IT infrastructure, cybersecurity, processes, and applications. 

This role will report locally into Audit Manager/Director in India & functionally to Audit Director onshore and will be based in Mumbai. 

Job Responsibilities:

• Working closely with business and technology audit colleagues to identify and assess key risks in the program of audit coverage.
• Assisting in audit planning, audit testing, control evaluation, report drafting and follow up and verification of issue closure.
• Performing audit work in accordance with department and professional standards, and complete assignments in an efficient manner.
• Documenting audit work papers and reports with minimal supervision by the Audit manager.
• Partnering with line of business auditors and stakeholders to evaluate, test and report on the adequacy and effectiveness of management controls with appropriate recommendations for improvement.  This may be delivered through specific audit reviews or through involvement in other audit related activities
• Providing continuous monitoring of technology areas. Establish and maintain strong relationships with technology leaders and related control group
• Staying up to date with evolving industry and regulatory changes impacting the technology & cyber space.
• Engaging with key audit and technology stakeholders responsible for the technology control processes.
• Monitoring key risk indicators, significant change activities and escalate any emerging issues to management attention.

Required qualifications, capabilities and skills

1. Bachelor’s degree (or relevant financial services experience) required with minimum 5 years of internal or external auditing experience on technology risks.
2. Good understanding of risks & controls related to cybersecurity, IT infrastructure, technology processes, and business applications.
3. Ability to articulate and present complex technical issues verbally and in writing, shortlisted candidates are expected to go through a scenario based written test.
4. Ability to manage multiple tasks concurrently in an efficient and effective manner with minimal supervision.
5. Excellent verbal and written communication skills. Also, good interpersonal skills with the ability to present complex and sensitive issues to senior management, and influence change.
6. Ability to quickly build strong partnerships with management, business and Audit teams and interact effectively with all levels and internal stakeholders. Acts in an Integrated manner and demonstrates a positive and engaging approach during audit planning, execution and reporting.
7. Team player who works well individually and in teams, shares information and collaborates with colleagues during the audit plan.
8. Energetic, self-motivated, strong interest in learning, effective in a fast paced environment and willing to take personal responsibility / accountability
9. Data Analytics experience with track record of implementing tools / dashboards to assist with audit continuous monitoring process. Knowledge of Alteryx, SQL, Python, Excel or other common DA tools is an advantage.

Preferred qualifications, capabilities and skills

1. Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) designation is preferred.
2. Proficient with technology & cybersecurity related regulations from RBI, SEBI and prior experience in Banking is preferred.