a. Providing assurance to the Audit Committee (AC) of Board of Directors (BOD), the CEO & MD and the Senior Management, on control adequacy and effectiveness on Cyber
Security / Cloud Infrastructure / Network/ Data Privacy & Protection / Operational Technology / IT Controls & Governance / Risk Management for uninterrupted business operations.
b. Executing audits, advisory, and other special projects in accordance with the approved audit plan. Auditor shall undertake reviews of the organization’s cybersecurity, cloud
infrastructure, OT, processes and controls to protect its intellectual property, using industry standards as a guide, and provide recommendations for improvements
Skills
Reviewing and documenting the existing TSL IT security architecture to determine security posture w.r.t regulatory & contractual requirements & industry best practices
Identification and categorization of information assets based on confidentiality, integrity and availability (CIA)
Identifying associated threats, vulnerabilities and the risk impacts with each of the information assets
Safeguarding the information assets such as – Software, Hardware, Network etc.
Reviewing IT Systems controls, Mail Messaging System and Financial Accounting Software, Review management and Change Management control etc.
Reviewing security controls at Cloud based Data Centre (DC) and DR centre(DRC).
Auditing controls for Operating System and Database Security, and other controls related to backup, DR/ BCP plans, patch management and version control, license control, virus control processes etc.
Application Security Audit including Vulnerability Assessment and Penetration Testing, Network Security Testing, Application Security Testing, OT Security Testing etc
Network resilience and recovery mechanism, control on social media access and data exchange through the same, control on data and information storage and access in cloud etc.
Performing configuration audit for all the devices at DC and DRC as per best practices
Create security policy and guidelines document for user access management, password policy, data exchange with agencies and vulnerabilities mitigation.
Testing for security audit cover cross-site scripting (XSS), cross-site reference forgery, SQL injection flaws, input validation flaws, malicious file execution, insecure direct object references, information leakage and improper error handling, broken authentication and session management, insecure communications, failure to restrict URL access, and denial of services etc.
Planning & adaptation of Quality Management System (QMS) to changing conditions and maintenance of quality records. Assist Group Head in initiating necessary corrective and preventive action for maintaining the QMS of the division.
Conducting audit of assigned activities for IT enabled systems as per the approved Annual Audit Plan, including any special audit/ project assigned by the respective Group Head.
Other details
Desirable : Understanding of NIST / ISO 27001 / CIS framework
Relevant experience:
Preferred : Cyber audit experience.
Threshold Skill:
a. Strong knowledge and experience in domains covering – Vulnerability assessment and penetration testing (VAPT), Risk management, Business continuity, Access and authorization, Web application security, Threat detection (SOC, NOC), Ethical Hacking, Social Engineering, Phishing simulation (email, CH, attachment)
b. Exposure on performing vulnerability assessment and penetration testing (black box) including red teaming
c. Information systems industry and best practices in network, application and hardware platform security
d. Audit and assessment methodologies, procedures and best practices that relate to information networks, systems, and applications
Risk Management, security program policies, processes, standards, requirements and procedures and various supporting security technologies.
Set up workstations with computers and necessary peripheral devices (routers, printers etc.) Check computer hardware (HDD, mouses, keyboards etc.) to...
Apply For This JobJob Title : Manager IT Operations Job Location : Chennai Experience : 7 – 10 years Salary : 8 –...
Apply For This JobRole: IT Recruiter Experience: 0 – 4 Years Office Location: Nelson Manickam Road Key Responsibilities Sourcing profiles from Job portals...
Apply For This JobSet the vision, strategic roadmap and plan, establishing key objectives and deliverables, aligned to the global Ingenico technology vision. Establish...
Apply For This JobHiring Non IT Recruiter !! Both Fresher and Experienced can apply.Location: CoimbatoreSalary: Best In IndustryNotice period: Less than 15 daysSkills...
Apply For This JobRole Description Provides user support – includes software support and troubleshooting activities for all user groups Project management/Application Analysis of...
Apply For This Job