Job Description: IT and Cybersecurity Auditor (Manager/AVP)

Position Purpose

The primary focus of this role is to lead and execute IT and Cybersecurity audits, covering end-to-end processes of auditable entities within the Inspection Générale APAC team. The individual will ensure risks are mitigated and controls are effectively operating, while documenting findings, recommendations, and reports.

Key Responsibilities

• Audit Execution: Lead and complete all phases of audits by assessing the adequacy and sustainability of IT controls, testing their effectiveness, and ensuring compliance with BNPP Inspection Générale policies.
• Documentation: Conduct process walk-throughs, document audit findings and results, and draft final reports.
• Audit Recommendations: Identify control gaps, recommend improvements, and ensure the suitability of business corrective actions.
• Stakeholder Interaction: Collaborate with audit team members, control owners, and business unit management to ensure smooth execution of audit tasks.
• Continuous Monitoring: Contribute to ongoing risk assessments and escalate any issues that may affect audit schedules.
• Leadership: Guide and mentor junior auditors as needed during assignments.

Duties

• Execute audits with a high degree of accuracy and independence.
• Test the design and operating effectiveness of IT controls.
• Ensure compliance with BNPP Inspection Generale’s audit procedures.
• Prepare and update risk assessments for review.
• Validate business corrective actions to close identified control gaps.
• Participate in continuous monitoring and escalate concerns affecting audit schedules.
• Mentor junior staff on audit processes.
• Perform additional duties as assigned.

Technical & Behavioral Competencies

• IT Audit Expertise: Strong knowledge of IT auditing principles and practices, with a focus on the financial services industry.
• Communication: Effective written and verbal communication skills, particularly when interacting with all levels of management.
• Problem-Solving: Strong analytical skills with the ability to work under pressure and tight deadlines.
• Teamwork: Promotes collaboration and fosters a participative team environment.
• Initiative: Demonstrates high levels of initiative, commitment, and drive in completing audit tasks.

Specific Qualifications

• Education: Bachelor’s or Master’s degree in Information Technology, Management Information Systems, Computer Science, or a related discipline.
• Certifications: CISA (Certified Information Systems Auditor) required. Additional certifications in Cybersecurity (e.g., CISSP, CISM, CEH) or IT Service Management (ITIL) are preferred.

Skills Referentials

Behavioral Skills:

• Communication skills (oral & written)
• Teamwork and collaboration
• Attention to detail and rigor
• Adaptability
• Active listening

Transversal Skills:

• Analytical ability
• Project management skills
• Ability to manage meetings and seminars
• Change management
• Strategic foresight

Education Level: Master’s degree or equivalent

Experience Level: Minimum of 8 years in IT audit, preferably within the financial services industry.

Location: Mumbai (Supporting APAC Region)