Vertical Head - Information Systems/Audit - Insurance Firm

As the Vertical Head of Information Systems (IS) Audit, your primary responsibility is to lead the strategic planning, development, and execution of Information Systems, IT Infrastructure, and Information Security audits throughout the organization. Your role focuses on identifying and mitigating digital risks in a complex and large-scale environment.

**Core Objectives:**

• **Strategic Leadership:** Develop a comprehensive IS Audit strategy and annual plan that aligns with organizational goals, digital maturity, and regulatory requirements.
• **Risk Mitigation:** Proactively identify and manage risks related to Cyber Security, Cloud, Data Privacy, and emerging digital technologies.
• **Compliance & Standards:** Ensure that audit coverage adheres to internal policies, professional auditing standards, and legal frameworks set by multiple regulators.
• **Technological Integration:** Drive the implementation of advanced data analytics, forensic techniques, and automated testing to enhance the effectiveness of audits.

**Key Responsibilities:**

1. **Audit Strategy & Execution:**

• **Massive Scale Testing:** Oversee the testing of 3,000+ controls covering IT applications and infrastructure processes.
• **Application & Process Reviews:** Conduct reviews of 1,500+ application controls and 1,500+ process controls to identify vulnerabilities and recommend improvements.
• **Specialized Audits:** Lead high-impact audits (10+) in Cyber Security, Cloud, and Network Security, along with 200+ data sensitivity reviews focusing on the entire data lifecycle.
• **Third-Party Assurance:** Audit data centers and third-party partners/vendors to ensure SLA compliance and data leakage prevention.

2. **Continuous Monitoring & Innovation:**

• **Automation:** Implement a continuous monitoring framework by developing 5,000+ automated tests for real-time risk assessment.
• **Dynamic Response:** Identify risk "hotspots" and conduct unplanned investigations based on regulatory directives or board requests.
• **Trend Alignment:** Stay updated on emerging audit trends and digital technology risks to keep the organization informed.

3. **Stakeholder & People Management:**

• **Engagement:** Collaborate with Business, Technology, and Functional leaders to enhance the control environment's maturity.
• **Reporting:** Deliver high-level communication and reporting to regulators, Board Committees, and Senior Management.
• **Team Leadership:** Recruit, mentor, and develop a specialized, high-performing IS Audit team capable of handling complex forensic and technical reviews.

**Scope of Coverage:**

You will be responsible for monitoring various technical aspects, including:

• **Security:** Cyber, Cloud, Network, Data, and Endpoint Security.
• **Operations:** IT Disaster Recovery (DR), Business Continuity (BCP), Change Management, and Incident Management.
• **Infrastructure:** Database & OS Management, Data Centers, and Logical/Physical Access.
• **Compliance:** Data Privacy, Regulatory Circulars, and Project Management. As the Vertical Head of Information Systems (IS) Audit, your primary responsibility is to lead the strategic planning, development, and execution of Information Systems, IT Infrastructure, and Information Security audits throughout the organization. Your role focuses on identifying and mitigating digital risks in a complex and large-scale environment.

**Core Objectives:**

• **Strategic Leadership:** Develop a comprehensive IS Audit strategy and annual plan that aligns with organizational goals, digital maturity, and regulatory requirements.
• **Risk Mitigation:** Proactively identify and manage risks related to Cyber Security, Cloud, Data Privacy, and emerging digital technologies.
• **Compliance & Standards:** Ensure that audit coverage adheres to internal policies, professional auditing standards, and legal frameworks set by multiple regulators.
• **Technological Integration:** Drive the implementation of advanced data analytics, forensic techniques, and automated testing to enhance the effectiveness of audits.

**Key Responsibilities:**

1. **Audit Strategy & Execution:**

• **Massive Scale Testing:** Oversee the testing of 3,000+ controls covering IT applications and infrastructure processes.
• **Application & Process Reviews:** Conduct reviews of 1,500+ application controls and 1,500+ process controls to identify vulnerabilities and recommend improvements.
• **Specialized Audits:** Lead high-impact audits (10+) in Cyber Security, Cloud, and Network Security, along with 200+ data sensitivity reviews focusing on the entire data lifecycle.
• **Third-Party Assurance:** Audit data centers and third-party partners/vendors to ensure SLA compliance and data leakage prevention.

2. **Continuous Monitoring & Innovation:**

• **Automation:** Implement a continuous monitoring framework by developing 5,000+ automated tests for real-time risk assessment.
• **Dynamic Respo