Cyber Security Auditor

Job description

Experience:

• 5 years of experience in audits and assessment services of organizations based on ISO and PCI standards.
• Must have experience in conducting audit based on payment security standards in banking sector for a medium to large sized organization.
• Must have experience in conducting risk assessment covering Cyber Security domains.
• Must have experience in preparing quality audit reports.
• Excellent written, oral communication and presentation skills.
• Excellent organizational, communication and interpersonal skills.
• Ability to work independently or as part of a team.   

Responsibilities:

• Developing project plans, work programs, evaluating IT System controls effectiveness, documenting observations and communicating information to stakeholders.
• Audit cyber security program effectiveness - policy for completeness, effectiveness of periodic reviews, Governance of management, Security Awareness and Training.
• IT process effectiveness – Information and Asset Management, Third party security risk management, threat/vulnerability management & change/configuration Management.
• Conduct audit of risk assessment and its effectiveness in a regulated entity.
• Effectiveness of data management including Information management lifecycle and data leak prevention controls
• Audit SoC management, incident management process, Cyber crisis management plan including BCP/DR preparedness.
• Develop and maintain up to date audit checklist and documents.
• Review draft audit reports for improving quality of the reports.
• Keep updated with latest threats and vulnerabilities researched/discovered.