About the Client:

PSS has been mandated by our Client to hire a Head of IT Audit. Our client is the oldest private sector bank in India with almost 100 years in the business of lending. It has its origins in Kerala. The bank's primary focus is on retail loans. About 59% of its business comes from retail banking, 23% from wholesale banking, 14% from treasury management, 4% from SME banking. Its total deposits were Rs. 29,700 Crores and its total advances were Rs. 24,000 Crores as of March 2024.

Summary of the Position:

With stronger KYC and information security norms stipulated by the RBI and increasing digital transformation of IT systems, the Head of IT Audit role has been a key position in the bank. An IT (Information Technology) & IS (Information Systems) Auditor is responsible for evaluating the efficiency, security, and integrity of an organization's technology systems, infrastructure, and processes. Their role involves assessing how effectively an organization's information systems are controlled, ensuring compliance with relevant regulations, and identifying risks to prevent issues like data breaches or financial fraud.

Key Responsibilities:

  • Assess System Security:
    • They evaluate the security protocols and measures in place to ensure the safety
    of an organization's data and technology infrastructure.
    • Check for vulnerabilities in systems and identify potential cybersecurity risks.
  • Evaluate IT Controls:
    • Auditors check how well the IT systems are governed, managed, and controlled.
    This can include reviewing access controls, system configurations, and user
    privileges.
    • They ensure policies and procedures are followed to minimize operational and
    financial risks.
  • Compliance and Risk Management:
    • They ensure the organization complies with relevant laws and industry
    standards, such as GDPR, HIPAA, or SOX (Sarbanes-Oxley Act).
    • Identify risks related to IT infrastructure, processes, and data handling,
    recommending improvements to mitigate these risks.
  • Data Integrity and Accuracy:
    • Review how data is processed, stored, and managed to ensure its accuracy and
    consistency.
    • Verify that data is protected from unauthorized changes and that backups are in
    place.
  • Evaluate IT Governance:
    • Assess whether the IT department's strategies align with the organization’s
    business objectives and whether IT governance policies are effective.
    • Look into how IT projects are managed, including their planning, budgeting, and
    execution.
  • Testing and Auditing Systems:
    • Perform hands-on testing of systems, applications, and networks to verify
    functionality, security, and compliance.
    • This can involve penetration testing, vulnerability scanning, and reviewing
    system logs.
  • Reporting and Recommendations:
    • Prepare detailed audit reports that outline findings, issues, and areas of concern.
    • Provide recommendations for improving the IT infrastructure, security, and
    compliance with policies.
  • Collaboration with IT and Management:
    • Work closely with the IT department to understand the systems and provide
    solutions to address identified weaknesses.
    • Collaborate with other departments to ensure that IT and IS-related risks are
    adequately managed.
  • Continuous Improvement:
    • Recommend updates to processes and controls to ensure systems remain
    secure and compliant.
    • Stay updated with the latest trends and risks in IT and cybersecurity.

Tools and Techniques They Use:

  • IT audit software like ACL, TeamMate, or IDEA.
  • Network analysis tools like Wireshark or Nessus.
  • Data analytics and reporting tools.

In essence, an IT & IS auditor helps an organization safeguard its technology and infrastructure, ensuring systems are secure, efficient, and compliant with necessary regulations.

Prior Experience & Qualifications:

  • 15 years of experience in audit, specifically in IT applications/systems, infrastructure, and IT security frameworks.
  • Experience of working in banks and financial institutions would be a definite plus.
  • Knowledge of IT audit software like ACL, TeamMate, or IDEA and network analysis tools like Wireshark or Nessus will be a must.

Job Summary:

  • Posted On: 18-Apr-2025
  • Function: Audit, Risk & Controls
  • Industry: Banking, Microfinance & NBFC
  • Location: Mumbai
  • Employment Type: Full Time