Senior Manager -Internal Audit (Information Security and System Audit)

About the role

The individual will be responsible for conducting application and product-level security audits across digital banking platforms. The role focuses on evaluating end-to-end app workflows, user journeys, APIs, backend services, and integrations to ensure robust security, compliance, and risk governance. The individual will work closely with product, engineering, and security teams to strengthen the security posture of all customer-facing apps and digital products.

What you will do

• Conduct security audits of mobile & web applications, including onboarding flows, payments, authentication journeys, customer dashboards, and backend microservices.
• Evaluate app compliance with RBI cybersecurity guidelines, CSITE requirements, CERT-IN directives, and secure digital product practices.
• Assess app-specific ITGCs and functional controls, including access management, configuration integrity, release/change processes, and secure SDLC adherence.
• Review app architecture, APIs, SDKs, third-party integrations, and product dependencies for security gaps.
• Identify risks across product workflows, such as KYC, login & session controls, transaction authorization, data flows, and fraud-prone journeys.
• Perform control testing and app security assessments, including review of logs, API behaviour, encryption practices, and sensitive data handling.
• Evaluate DevSecOps practices, CI/CD release pipelines, and secure coding guidelines followed by engineering teams.
• Document findings and provide actionable recommendations to product & tech teams for enhancing app security without impacting user experience.
• Track closure of product-specific vulnerabilities and ensure timely remediation.
• Partner with product managers, developers, QA teams, and security engineers to strengthen digital product governance and readiness for regulatory audits.
• Support app-focused cybersecurity awareness and guide product teams during regulatory inspections.

What you will need

• Strong understanding of mobile/web application security, secure SDLC, OWASP MASVS/OWASP Top 10, RBI digital banking security guidelines, and CERT-IN regulations.
• Experience in reviewing product-level ITGCs, including app access controls, change management, version/release governance, and backup & restore checks.
• Ability to analyze product journeys, detect process-level security risks, and ensure regulatory adherence for digital banking platforms.
• Knowledge of API security, cloud-hosted applications, microservices, app-layer encryption, network basics, and vulnerability management workflows.
• Strong skills in audit documentation, writing product-focused security observations, and coordinating with product & engineering teams.

Experience & Qualifications

• BE/BTech or equivalent in Information Security, IT, or Cybersecurity.
• CISA (Mandatory).
• 5+ years in Information Security Audits, with at least 2 years in banking or fintech, specifically auditing digital products, mobile apps, or customer-facing banking journeys.

Life at slice:

Life so good, you'd think we're kidding:

• Competitive salaries. Period.
• An extensive medical insurance that looks out for our employees & their dependants. We'll love you and take care of you, our promise.
• Flexible working hours. Just don't call us at 3AM, we like our sleep schedule.
• Tailored vacation & leave policies so that you enjoy every important moment in your life.
• A reward system that celebrates hard work and milestones throughout the year. Expect a gift coming your way anytime you kill it here.
• Learning and upskilling opportunities. Seriously, not kidding.
• Good food, games, and a cool office to make you feel like home. An environment so good, you'll forget the term colleagues can't be your friends.
• We believe in equality. Period.

At slice, we are committed to building a diverse and talented workforce. We never discriminate on the basis of race, sex, religion, colour, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by the applicable law.

We consider all qualified job-seekers with criminal histories in a manner consistent with the applicable law. Additionally, we are committed to providing reasonable accommodations to qualified individuals with physical or mental disabilities in order to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment.

Come join our crew!

About Us

slice

A new bank for a new India

slice's purpose is to make the world better at using money and time, with a major focus on building the best consumer experience for your money. We've all felt how slow, confusing, and complicated banking can be. So, we're reimagining it. We're building every product from scratch to be fast, transparent, and feel good, because we believe that the best products transcend demographics, like how great music touches most of us.

Our cornerstone products and services: slice savings account, slice UPI credit card, slice UPI, and slice business are designed to be simple, rewarding, and completely in your control. At slice, you'll get to build things you'd use yourself and shape the future of banking in India. We tailor our working experience with the belief that the present moment is the only real thing in life. And we have harmony in the present the most when we feel happy and successful together.

We're backed by some of the world's leading investors, including Tiger Global, Insight Partners, Advent International, Blume Ventures, and Gunosy Capital.