Specialist - Cyber Security Audit

Nasdaq Technology is looking for a passionate Specialist with focus on Cyber Security Audit, to join the Bangalore technology center in India. If Innovation and effectiveness drive, you forward this is the place for you
Nasdaq is continuously revolutionizing markets and undergoing transformations while we adopt new technologies to develop innovative solutions, constantly aiming to rewrite tomorrow. As a Specialist, you Assesses the quality of technology and infrastructure controls across all risks areas. Plans and evaluates internal audit programs for the organization's technology systems that enables cyber security and the activities of various departments to ensure compliance with the organization's technology policies, procedures and standards. Ensures the effectiveness of internal controls in compliance with industry best practices and standards, such as NIST CSF, 802.3, ISO 27001, DORA, MITRE,OWASP etc. Prepare reports for management on the results of audits, providing supporting detailed workpapers.

We are looking for candidates with a genuine desire and drive to deliver top technology solutions to today's markets

With this position we offer:

As a part of the Global Internal Audit team, specifically the Global Technology function, they are responsible for evaluating technology internal controls to ensure the company has appropriate controls in place to mitigate the technology risks that could affect the viability of our business.

As a Specialist – Cyber Security Audit, you will be responsible for planning and executing internal technology and infrastructure audit projects to evaluate internal controls across the organization, ensuring effectiveness, industry best practices and regulatory requirements. If you are someone who enjoys working in a results driven and high-performing international culture and thrive in a creative and dynamic environment, this is the role for you.

Role Responsibilities:

As a Specialist, your focus will be - Besides working closely with your colleagues in Bangalore, you will also work closely with Nasdaq teams in other countries.

Accomplishing and reporting on the adequacy and efficiency of Cyber Security

An equal opportunity in delivering against multiple and often time concurrent audit projects, handling conflicting priorities to achieve results on time

We are involved into planning, resolving scope areas, drafting risk and control matrix and test procedures for technology and cybersecurity audits

An opportunity to complete and report technical controls through continuous auditing and monitoring

We perform regulatory compliance set forth by RegSCI etc, including IT general controls

We are responsible for detailing issues and findings, ensuring alignment with corporate policies and procedures and regulatory standards.

We use automated audit tools as an integrating part of audit planning and execution.

We participate in business/operations & regulatory audits and work in audits of business processes to identify and evaluate key IT operational risks and controls

We expect you to have:

• Proven experience of 6-8 years of risk-focused technology internal audit or related experience (i.e. cybersecurity).
• Shift Hours: Work EMEA work hours, 12:00noon onwards, IST.
• Experience in- Audits of cyber security processes (data loss prevention, threat intelligence, vulnerability management, cyber event monitoring and incident management, cyber resiliency, social engineering, external threat, etc.), IT infrastructure (Firewalls, IDS / IPS, logging and monitoring tools, etc.) and cloud security
• Understanding Cyber Risk management, logging, monitoring and information security incident management.  

Knowledge and understanding technology risk management principles and standards like ISO 27001 and NIST MITRE and OWASP Frameworks

Demonstrated ability to write audit reports with minimal direction and guidelines

Solid team player, empathic, collaborative

Good interpersonal, project management and communication skills

​​Education Qualification: Bachelor's degree in information systems, Cybersecurity, Computer Science, or a related field

It would be great if you:

• Professional auditing certifications preferred: CISA (Certified Information Systems Auditor) or CISSP (Certified Information Systems Security Professional.
• Experience working with Global Teams (USA and EMEA)
• Fluent English language skills and a strong customer service mindset

Does it sound like you?

As the selection process is ongoing, please submit your application in English as soon as possible. We will get back to you in 2-3 weeks

Come as you are

Nasdaq is an equal opportunity employer. We positively encourage applications from suitably qualified and eligible candidates regardless of age, color, disability, national origin, ancestry, race, religion, gender, sexual orientation, gender identity and/or expression, veteran status, genetic information or any other status protected by applicable law.

Nasdaq is a leading global provider of trading, clearing, exchange technology, listing, information, and public company services. As the creator of the world's first electronic stock market, its technology powers more than 100 marketplaces in 50 countries. Nasdaq is home to over 4,000 total listings with a market value of approximately $12 trillion.

To learn more, about our business visit Check out more about our Life at Nasdaq.

Come as You Are

Nasdaq is an equal opportunity employer. We positively encourage applications from suitably qualified and eligible candidates regardless of age, color, disability, national origin, ancestry, race, religion, gender, sexual orientation, gender identity and/or expression, veteran status, genetic information, or any other status protected by applicable law.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.

---