Information Technology Governance Manager

The IT Governance Team in Kotak Bank is looking for bright enthusiastic learners to join them in ensuring compliance for the Bank to relevant frameworks and regulations.

Job Description:

The team's work scope broadly includes:

1. IT Risk and Control Self Assessments (RCSA): The team is responsible for maintaining the risk register for IT and conducting periodic RCSA for the applications in scope, which includes working with IT stakeholders for sample-based control testing, evaluating residual risk and formulating risk treatment plans.
2. IT Audit and Assessment Management: The team is responsible for planning and managing all Internal and External IT compliance audits, assessments and sustenance checks. This includes L1 reviews of all evidences and responses submitted and tracking all findings to closure.
3. Regulatory reporting: The team holds oversight of all regulatory reporting for IT. This covers all advisories, alerts, circulars, questionnaires and tranche submissions received from regulators. This includes L1 reviews of all evidences and responses submitted.
4. Oversight of the repository of IT Policies and Procedures: The team manages the IT Policy and procedure inventory ensuring timely reviews and revisions.
5. Managing the agenda (IT) for various committee reviews.
6. Automation and process redesign for ensuring ongoing compliance.

Please note the team works closely with all other teams in the risk management area for all of the above areas (Internal Audit, Compliance, Information Security, Data Privacy etc.)

The recruit will be responsible for **:

1. Working closely with stakeholders to ensure timely closures for all activities
2. First level reviews of all evidences and responses received
3. Providing inputs for / working with the team in driving automation initiatives
4. Providing inputs for / working with the team to design effective and efficient processes that ensure compliance

**Please note that you will be assigned or one or more areas depending on your bandwidth and work items in progress across all the above-mentioned areas.

Expected experience:

At least 1 year and not more than 4 years in a mid to large size organization within the banking and finance industry in a InfoSec / Compliance / Audit / Governance role.

Must have skills:

1. Excellent spoken and written English
2. Prior exposure to regulatory submissions, risk management, and audits
3. Strong understanding of GRC principles and regulatory guidelines of RBI, NCIIPC, ISO 27001 etc.
4. Experience in the Banking domain / Consulting experience within the Banking domain

Good to have skills:

1. Certifications (CISA / CISM / ISO 27001 LA / LI)
2. Prior exposure to Azure Dev ops, Co Pilot agents and AI initiatives