Job Description

Key highlights of the role are listed below (purely indicative and not limiting):

• Design and implement Cyber Security Audit framework, processes and standards
• Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal and audit requirements as well as good business practices.
• Establish and oversee formal risk analysis and self-assessments program for various information services, systems, processes and recognized industry standards.
• Identify, assess, manage, and track remediation of risks related to IT infrastructure, applications, platforms, and suppliers and drive explicit requirements and timelines in all environments.
• Develop strong relationships with external audit, key stakeholders, and regulators to ensure risk management oversight is understood, managed appropriately, and current with all standards, guidelines, and regulations that are applicable.
• Oversee third party (Vendor) assessment standards and privileged user monitoring as a check on critical system access.
• Process framework for off-site and on-site Security audits and continuous improvement of processes
• Interface with respective business department to carry out risk assessments, audit schedule preparation and test plan documentation
• MIS reports on audit projects to Senior management.

Applicants should possess the following attributes:


• Relevant years of experience in IT/Information Security Audits and IT Security Risk assessment services, preferred from banking/NBFC industry.
• Relevant experience in Cyber / Information security governance, risk, and compliance management and technical risk management as well as risk advisory services related hands on experience Knowledge of ISO27001: 2022 standards, have been part or handled the ISO certification project.
• Should have understanding of ISMS policy & procedure and contributed in document the ISMS policy
• Strong working experience in regulatory guidelines compliance management & compliance metrics
• Experience in conducting and handling internal & external IT audits and closer of IT audit findings.
• Good Knowledge of cyber security posture and experience in working with cyber security team.
About Company
BOBCARD is a wholly owned subsidiary of Bank of Baroda and a Non-Deposit Accepting Non-Banking Finance Company (NBFC). BOBCARD was established in the year 1994 to cater to the need of rapidly growing credit card industry in a focused manner. BOBCARD is one among the pioneers in Indian card market and was the first non-banking company in India to issue credit cards.


The company's core business is credit card issuance.