Specialist - Cyber Security Audit

Nasdaq

6-8 Years | Bangalore, Karnataka, India (On Site) | Full Time | 1 day ago

Apply Now

Job Summary

Nasdaq Technology is seeking a passionate Specialist for Cyber Security Audit in Bangalore, India. This role involves assessing the quality of technology and infrastructure controls, planning and evaluating internal audit programs for technology systems, and ensuring compliance with policies and industry best practices like NIST CSF, ISO 27001, and OWASP. The specialist will prepare audit reports, detail issues, and work with global teams to mitigate technology risks and ensure business viability.

Must Have

Proven experience of 6-8 years in risk-focused technology internal audit or related cybersecurity experience
Ability to work EMEA work hours (12:00noon onwards, IST)
Experience in audits of cyber security processes (data loss prevention, threat intelligence, vulnerability management, cyber event monitoring and incident management, cyber resiliency, social engineering, external threat, etc.)
Experience in audits of IT infrastructure (Firewalls, IDS / IPS, logging and monitoring tools, etc.) and cloud security
Understanding of Cyber Risk management, logging, monitoring and information security incident management
Knowledge and understanding of technology risk management principles and standards like ISO 27001, NIST MITRE, and OWASP Frameworks
Demonstrated ability to write audit reports with minimal direction and guidelines
Solid team player, empathic, collaborative
Good interpersonal, project management and communication skills
Bachelor’s degree in information systems, Cybersecurity, Computer Science, or a related field

Good to Have

Professional auditing certifications (CISA or CISSP)
Experience working with Global Teams (USA and EMEA)
Fluent English language skills and a strong customer service mindset

Perks & Benefits

Equal opportunity employer
Reasonable accommodation for job application/interview process
Hybrid work model (NasdaqBlend) offering flexibility
Total rewards program (You&Q) covering wealth building, career growth, well-being, and family care

Job Description

Nasdaq Technology is looking for a passionate Specialist with focus on Cyber Security Audit, to join the technology center in India. If Innovation and effectiveness drive, you forward this is the place for you!

Nasdaq is continuously revolutionizing markets and undergoing transformations while we adopt new technologies to develop innovative solutions, constantly aiming to rewrite tomorrow. As a Specialist, you Assesses the quality of technology and infrastructure controls across all risks areas. Plans and evaluates internal audit programs for the organization's technology systems that enables cyber security and the activities of various departments to ensure compliance with the organization's technology policies, procedures and standards. Ensures the effectiveness of internal controls in compliance with industry best practices and standards, such as NIST CSF, 802.3, ISO 27001, DORA, MITRE,OWASP etc. Prepare reports for management on the results of audits, providing supporting detailed workpapers.

We are looking for candidates with a genuine desire and drive to deliver top technology solutions to today's markets

With this position we offer:

As a part of the Global Internal Audit team, specifically the Global Technology function, they are responsible for evaluating technology internal controls to ensure the company has appropriate controls in place to mitigate the technology risks that could affect the viability of our business.

As a Specialist – Cyber Security Audit, you will be responsible for planning and executing internal technology and infrastructure audit projects to evaluate internal controls across the organization, ensuring effectiveness, industry best practices and regulatory requirements. If you are someone who enjoys working in a results driven and high-performing international culture and thrive in a creative and dynamic environment, this is the role for you.

Role Responsibilities:

As a Specialist, your focus will be - Besides working closely with your colleagues in Bangalore, you will also work closely with Nasdaq teams in other countries.

Accomplishing and reporting on the adequacy and efficiency of Cyber Security

An equal opportunity in delivering against multiple and often time concurrent audit projects, handling conflicting priorities to achieve results on time

We are involved into planning, resolving scope areas, drafting risk and control matrix and test procedures for technology and cybersecurity audits

An opportunity to complete and report technical controls through continuous auditing and monitoring

We perform regulatory compliance set forth by RegSCI etc, including IT general controls!

We are responsible for detailing issues and findings, ensuring alignment with corporate policies and procedures and regulatory standards.

We use automated audit tools as an integrating part of audit planning and execution.

We participate in business/operations & regulatory audits and work in audits of business processes to identify and evaluate key IT operational risks and controls!

We expect you to have:

Proven experience of 6-8 years of risk-focused technology internal audit or related experience (i.e. cybersecurity).
Shift Hours: Work EMEA work hours, 12:00noon onwards, IST.
Experience in- Audits of cyber security processes (data loss prevention, threat intelligence, vulnerability management, cyber event monitoring and incident management, cyber resiliency, social engineering, external threat, etc.), IT infrastructure (Firewalls, IDS / IPS, logging and monitoring tools, etc.) and cloud security
Understanding Cyber Risk management, logging, monitoring and information security incident management.

Knowledge and understanding technology risk management principles and standards like ISO 27001 and NIST MITRE and OWASP Frameworks

Demonstrated ability to write audit reports with minimal direction and guidelines

Solid team player, empathic, collaborative

Good interpersonal, project management and communication skills

Education Qualification: Bachelor’s degree in information systems, Cybersecurity, Computer Science, or a related field

It would be great if you:

Professional auditing certifications preferred: CISA (Certified Information Systems Auditor) or CISSP (Certified Information Systems Security Professional.
Experience working with Global Teams (USA and EMEA)
Fluent English language skills and a strong customer service mindset

Does it sound like you?

As the selection process is ongoing, please submit your application in English as soon as possible. We will get back to you in 2-3 weeks

Come as you are

Nasdaq is an equal opportunity employer. We positively encourage applications from suitably qualified and eligible candidates regardless of age, color, disability, national origin, ancestry, race, religion, gender, sexual orientation, gender identity and/or expression, veteran status, genetic information or any other status protected by applicable law.

Nasdaq is a leading global provider of trading, clearing, exchange technology, listing, information, and public company services. As the creator of the world's first electronic stock market, its technology powers more than 100 marketplaces in 50 countries. Nasdaq is home to over 4,000 total listings with a market value of approximately $12 trillion.

To learn more, about our business visit business.nasdaq.com. Check out more about our Life at Nasdaq.

Come as You Are

-------------------

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.