Talent.com
CSC Global - IT Audit & Risk Manager - Cyber Security Domain

CSC Global - IT Audit & Risk Manager - Cyber Security Domain

CSC GlobalBangalore
8 days ago
Job description

Description :

Role : IT Audit & Risk Manager

Exp range : 12+ years

Work Location : Bangalore

Work timings : 12 to 9pm IST

Work model : Hybrid

Position Summary :

The Cyber Security IT Audit and Risk Manager is an essential role to assist our business with making risk informed decisions.

The position is responsible for supporting the security direction of the business and elevating the companys security posture across multiple jurisdictions.

The position requires an understanding of managing cyber risk in new technologies and legacy systems.

The Cyber Security IT Audit and Risk Manager is expected to support the security strategy of the business within new and existing information system capabilities and responsible for leading internal audit efforts and coordinating with audit partners.

The ideal candidate has a strong IT security audits and risk management background, proven experience of experience in security, compliance, risk management and audit.

The role oversees the business security audit requirements and obligations mandated by standards, regulations and experience developing IT cyber security policies.

In tandem with security leadership, the Cyber Security IT Audit and Risk Manager consistently assesses, audits, and validates the assurance of the security program.

As a primary point of contact for internal and external auditors, the Cyber Security IT Audit and Risk Manager monitors progress and enforces resolution of outstanding issues that may lead to non-compliance or security threats to the business via effective delegation and empowering cross matrixed teams.

Success will be driven by strong servant leadership principles and guidance which compels teams to action.

As a primary point of contact for security risks, you will monitor progress and enforce resolution of outstanding issues that may lead to non-compliance or security threats to the business.

As a key member of the information security team, the role must focus on strong risk management and corporate resiliency, and not be driven solely by compliance.

Essential Job Duties :

  • Build relationships with global teams across Business Operations, Compliance, IT and Legal to manage technology risks and regulatory compliance.
  • Ensure collection, validation, adequacy and accuracy of information that are submitted to audit partners.
  • Customize and manage GRC tools as part of day today work.
  • Engage with IT project teams to identify and mitigate cyber security risks and build solutions that are compliant with global regulatory requirements.
  • Improve compliance of IT processes and identify opportunities for technology compliance control automation.
  • Manage and execute delivery of assigned internal, external, and jurisdictional audits as per published audit plan.
  • Design high-quality test plans and direct technology control test activities.
  • Build and maintain controls that map to compliance requirements, provide implementation recommendations and monitor evidence.
  • Continuously improve the IT Security control framework in alignment with industry trends.
  • Contribute to coordination with jurisdictional Business, Risk, Compliance stakeholders and audit partners.
  • Keep up to date with external technology and compliance regulations, data privacy and security best practices.
  • Define and publish quantitative and qualitative technology compliance metrics.
  • Identify strengths and weaknesses in IT technology operations and projects as they relate to privacy, security, business resiliency and regulatory compliance.
  • Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
  • Work in tandem with GRC and business leadership to perform ongoing security program assessments and audits and create annual strategic technology and budgetary directives.
  • Monitor current and proposed security changes impacting regulatory, privacy and security industry best practice guidance.
  • Apply GRC expertise across key lines of business, including products, practices, and procedures.

Skills And Experience :

  • At least 12 years experience in IT audit, risk management and / or cybersecurity as a practitioner.
  • Prior experience leading internal and / or external IT audits in a large organization and interacting with audit partners.
  • Extensive knowledge and understanding of audit standards and practices, and control frameworks (ISO, NIST, COSO, COBIT, etc.
  • Additional experience in one or more of the following : ISO 27001 or NIST and experience in creating / managing SOC frameworks.
  • Highly trustworthy; leads by example and empowers team members by involving them in various audit programs to enable them to identify and manage risk in the organization IT audit control framework.
  • Strong business acumen and security technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities.
  • Extensive knowledge of global technology laws and regulations, including but not limited to PCI, SOX, FFIEC, ISO 27001, SWIFT, GDPR, AIFMD, PSD2, EBA, ESMA, MAS, CSSF, CIMA, CBI.
  • Additional experience in one or more of the following : ISO 27001 or NIST.
  • Understanding of security concepts of threat categories (such as malware, phishing attacks, Defense-in Depth, MITRE ATT&CK framework).
  • Extensive knowledge and understanding of technology policies, standards, and guidelines and experience.
  • Experience with regulations and regulatory expectations regarding technology in the region of your accountability.
  • Exceptional written and verbal communication skills, and proven ability to translate security and risk to all levels of the business.
  • Capacity to understand legacy and progressive technology and security controls along with respective risk.
  • Working knowledge of technologies such as cloud computing, DevOps and application security.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
  • Prior experience working with GRC systems and knowledge of best practices in configuration.
  • Demonstrated problem-solving capabilities, and ability to manage complex local and international security requirements.
  • Self-motivated, directed and well-organized, with the vision to position controls in anticipation of threats.

    • Education and Certification Requirements :

  • Bachelors degree in computer science, information assurance, MIS or related field, or equivalent industry experience.
  • Holds one or more security, audit and risk industry certifications such as : CISSP, CISM, CRISC, CISA, CIA, CIPP, CIPT, CIPM, CERA, CRM, GRCP, or GRCA.

    • (ref : hirist.tech)

    Create a job alert for this search

    It Audit • Bangalore

    Related jobs
    • Promoted
    AVP / Manager Risk Management [T500-20824]

    AVP / Manager Risk Management [T500-20824]

    MUFGbangalore, karnataka, in
    Japan’s premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busin...Show moreLast updated: 22 days ago
    • Promoted
    AVP - IT Auditor Enterprise Applications [T500-20755]

    AVP - IT Auditor Enterprise Applications [T500-20755]

    MUFGBengaluru, Karnataka, India
    Japan’s premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busin...Show moreLast updated: 21 days ago
    • Promoted
    Cybersecurity Risk & Audit Specialist

    Cybersecurity Risk & Audit Specialist

    [24]7.aiBengaluru, Republic Of India, IN
    Position : Security & Compliance Specialist.Reports to : Manager InfoSec, GRC.Department : Information Security (InfoSec). This role oversee the development, evaluation and implementation of governanc...Show moreLast updated: 30+ days ago
    • Promoted
    Manager, Cyber Threat Analysis

    Manager, Cyber Threat Analysis

    FICOBengaluru, Republic Of India, IN
    FICO (NYSE : FICO) is a leading analytics software company, helping businesses in 90+ countries make better decisions that drive higher levels of growth, profitability and customer satisfaction.The ...Show moreLast updated: 30+ days ago
    • Promoted
    Manager / AVP - IT Auditor Enterprise Applications

    Manager / AVP - IT Auditor Enterprise Applications

    MUFG Global Service (MGS)Bengaluru, India
    Japans premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busine...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Risk and Advisory Director

    Cyber Risk and Advisory Director

    The Edge Partnership - The Edge in AsiaBengaluru, Republic Of India, IN
    Our client is a leading global investment and advisory firm known for its deep expertise in private equity, real estate, and alternative asset management. The ideal professional will be responsible ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Manager, IT Security and Audit

    Senior Manager, IT Security and Audit

    sliceBengaluru, Republic Of India, IN
    The individual will be responsible for executing IT security audits, ensuring adherence to ISMS and ITGC controls, and identifying potential security risks. The role involves conducting security ass...Show moreLast updated: 14 days ago
    • Promoted
    Risk Advisory Consultant

    Risk Advisory Consultant

    Lodha & BhattBengaluru, Republic Of India, IN
    We are seeking a highly skilled, experienced.SOC Audit Consultant to lead and support SOC 1 (Type I & II) and SOC 2 (Type I & II) audit engagements. Risk Advisory and Cybersecurity Consulting practi...Show moreLast updated: 1 day ago
    • Promoted
    Senior Director Cyber Security

    Senior Director Cyber Security

    The Edge Partnership - The Edge in AsiaBengaluru, Karnataka, India
    Our client is a leading global investment and advisory firm known for its deep expertise in private equity, real estate, and alternative asset management. The ideal professional will be responsible ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior IT Risk & Compliance Manager

    Senior IT Risk & Compliance Manager

    NaviBengaluru, Republic Of India, IN
    The Governance & Control team at Navi is responsible for overseeing internal audits across various domains, ensuring compliance with internal policies and regulatory requirements.The team proactive...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Manager - IT Risk

    Manager - IT Risk

    Grant Thornton INDUSBengaluru, Karnataka, India
    The Controls Advisory delivers all project and engagement management phases for multiple clients in various industries.Responsibilities include executing business processes, IT control reviews, and...Show moreLast updated: 16 hours ago
    • Promoted
    AVP / Manager Risk Management

    AVP / Manager Risk Management

    MUFG Global Service (MGS)Bengaluru, India
    Japans premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busine...Show moreLast updated: 27 days ago
    • Promoted
    Senior Manager - Information Security and System Audit

    Senior Manager - Information Security and System Audit

    sliceBengaluru, Karnataka, India
    The individual will be responsible for executing IT security audits, ensuring adherence to ISMS and ITGC controls, and identifying potential security risks. The role involves conducting security ass...Show moreLast updated: 14 days ago
    • Promoted
    Senior Manager - IT Auditor

    Senior Manager - IT Auditor

    NaviBengaluru, Karnataka, India
    The Governance & Control team at Navi is responsible for overseeing internal audits across various domains, ensuring compliance with internal policies and regulatory requirements.The team proactive...Show moreLast updated: 30+ days ago
    • Promoted
    IT GRC – AVP [T500-12809]

    IT GRC – AVP [T500-12809]

    Talent500Bengaluru, Karnataka, India
    Responsible for managing Cyber Security Risk, Compliance, and Assurance activities.Drive the global cyber security certifications as per MGS Management Strategy. Evaluating control effectiveness and...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Manager, Cybersecurity and System Assurance

    Senior Manager, Cybersecurity and System Assurance

    sliceBengaluru, Republic Of India, IN
    The individual will be responsible for executing IT security audits, ensuring adherence to ISMS and ITGC controls, and identifying potential security risks. The role involves conducting security ass...Show moreLast updated: 14 days ago
    • Promoted
    • New!
    Senior Manager

    Senior Manager

    PwC Acceleration Center IndiaBengaluru, Karnataka, India
    A career in our Cyber Data Tech Risk – Enterprise Tech Solutions practice will provide you with the opportunity to help our clients build trust and confidence in their digital and technology-enable...Show moreLast updated: 16 hours ago
    • Promoted
    • New!
    Manager - It Risk

    Manager - It Risk

    Grant Thornton INDUSBengaluru, Republic Of India, IN
    The Controls Advisory delivers all project and engagement management phases for multiple clients in various industries.Responsibilities include executing business processes, IT control reviews, and...Show moreLast updated: 22 hours ago