a. Providing assurance to the Audit Committee (AC) of Board of Directors (BOD), the CEO & MD and the Senior Management, on control adequacy and effectiveness on Cyber
Security / Cloud Infrastructure / Network/ Data Privacy & Protection / Operational Technology / IT Controls & Governance / Risk Management for uninterrupted business operations.
b. Executing audits, advisory, and other special projects in accordance with the approved audit plan. Auditor shall undertake reviews of the organization’s cybersecurity, cloud
infrastructure, OT, processes and controls to protect its intellectual property, using industry standards as a guide, and provide recommendations for improvements
Skills
Reviewing and documenting the existing TSL IT security architecture to determine security posture w.r.t regulatory & contractual requirements & industry best practices
Identification and categorization of information assets based on confidentiality, integrity and availability (CIA)
Identifying associated threats, vulnerabilities and the risk impacts with each of the information assets
Safeguarding the information assets such as – Software, Hardware, Network etc.
Reviewing IT Systems controls, Mail Messaging System and Financial Accounting Software, Review management and Change Management control etc.
Reviewing security controls at Cloud based Data Centre (DC) and DR centre(DRC).
Auditing controls for Operating System and Database Security, and other controls related to backup, DR/ BCP plans, patch management and version control, license control, virus control processes etc.
Application Security Audit including Vulnerability Assessment and Penetration Testing, Network Security Testing, Application Security Testing, OT Security Testing etc
Network resilience and recovery mechanism, control on social media access and data exchange through the same, control on data and information storage and access in cloud etc.
Performing configuration audit for all the devices at DC and DRC as per best practices
Create security policy and guidelines document for user access management, password policy, data exchange with agencies and vulnerabilities mitigation.
Testing for security audit cover cross-site scripting (XSS), cross-site reference forgery, SQL injection flaws, input validation flaws, malicious file execution, insecure direct object references, information leakage and improper error handling, broken authentication and session management, insecure communications, failure to restrict URL access, and denial of services etc.
Planning & adaptation of Quality Management System (QMS) to changing conditions and maintenance of quality records. Assist Group Head in initiating necessary corrective and preventive action for maintaining the QMS of the division.
Conducting audit of assigned activities for IT enabled systems as per the approved Annual Audit Plan, including any special audit/ project assigned by the respective Group Head.
Other details
Desirable : Understanding of NIST / ISO 27001 / CIS framework
Relevant experience:
Preferred : Cyber audit experience.
Threshold Skill:
a. Strong knowledge and experience in domains covering – Vulnerability assessment and penetration testing (VAPT), Risk management, Business continuity, Access and authorization, Web application security, Threat detection (SOC, NOC), Ethical Hacking, Social Engineering, Phishing simulation (email, CH, attachment)
b. Exposure on performing vulnerability assessment and penetration testing (black box) including red teaming
c. Information systems industry and best practices in network, application and hardware platform security
d. Audit and assessment methodologies, procedures and best practices that relate to information networks, systems, and applications
Risk Management, security program policies, processes, standards, requirements and procedures and various supporting security technologies.
Job Title – Engineer – IT Infrastructure Location: Gurugram, India Department: Siemens Logistics India Pvt. Ltd. Position: Full- time Looking...
Apply For This JobJob Description1) Installation/troubleshooting of Mac Operating systems and IOS Devices2) To perform installation, setup, configuration, migration, upgrading, repairs and maintenance...
Apply For This JobThe Role We are looking for an experienced and enthusiastic DevOps Engineer to join our amazing Information & Digital Services...
Apply For This JobHeubach Group is a leading global provider of comprehensive color solutions, supplying a broad portfolio or organic, inorganic, and anti-corrosive...
Apply For This JobAbout us We are professional and agile. Our work environment includes: Modern office setting Food provided Locations : Remote Shift:...
Apply For This JobPROFILE- I.T.I ELECTRICAL EXPERIENCE- O – 3 YEARS QUALIFICATION- I.T.I SALARY – 15,000 – 20,000 7248100040 ,7248100064, , 9756155551 Job...
Apply For This Job