About the roleThe individual will be responsible for conductingapplication and product-level security auditsacross digital banking platforms. The role focuses on evaluating end-to-end app workflows, user journeys, APIs, backend services, and integrations to ensure robust security, compliance, and risk governance. The individual will work closely with product, engineering, and security teams to strengthen the security posture of all customer-facing apps and digital products.What you will doConductsecurity audits of mobile & web applications , including onboarding flows, payments, authentication journeys, customer dashboards, and backend microservices. Evaluate app compliance withRBI cybersecurity guidelines , CSITE requirements, CERT-IN directives, and secure digital product practices. Assessapp-specific ITGCs and functional controls , including access management, configuration integrity, release/change processes, and secure SDLC adherence. Reviewapp architecture, APIs, SDKs, third-party integrations , and product dependencies for security gaps. Identify risks acrossproduct workflows , such as KYC, login & session controls, transaction authorization, data flows, and fraud-prone journeys. Performcontrol testing and app security assessments , including review of logs, API behaviour, encryption practices, and sensitive data handling. EvaluateDevSecOps practices , CI/CD release pipelines, and secure coding guidelines followed by engineering teams. Document findings and provide actionable recommendations to product & tech teams forenhancing app security without impacting user experience . Track closure of product-specific vulnerabilities and ensure timely remediation. Partner withproduct managers, developers, QA teams, and security engineersto strengthen digital product governance and readiness for regulatory audits. Support app-focused cybersecurity awareness and guide product teams during regulatory inspections.What you will needStrong understanding ofmobile/web application security , secure SDLC, OWASP MASVS/OWASP Top 10, RBI digital banking security guidelines, and CERT-IN regulations. Experience in reviewingproduct-level ITGCs , including app access controls, change management, version/release governance, and backup & restore checks. Ability to analyzeproduct journeys , detect process-level security risks, and ensure regulatory adherence for digital banking platforms. Knowledge ofAPI security, cloud-hosted applications, microservices, app-layer encryption, network basics , and vulnerability management workflows. Strong skills inaudit documentation, writing product-focused security observations, and coordinating with product & engineering teams .Experience & QualificationsBE/BTech or equivalent in Information Security, IT, or Cybersecurity. CISA (Mandatory). 5+ years in Information Security Audits, with at least 2 years inbanking or fintech , specifically auditingdigital products, mobile apps, or customer-facing banking journeys .Life at slice:Life so good, you’d think we’re kidding:Competitive salaries. Period. An extensive medical insurance that looks out for our employees & their dependants. We’ll love you and take care of you, our promise. Flexible working hours. Just don’t call us at 3AM, we like our sleep schedule. Tailored vacation & leave policies so that you enjoy every important moment in your life. A reward system that celebrates hard work and milestones throughout the year. Expect a gift coming your way anytime you kill it here. Learning and upskilling opportunities. Seriously, not kidding. Good food, games, and a cool office to make you feel like home. An environment so good, you’ll forget the term “colleagues can’t be your friends”. We believe in equality. Period.At slice, we are committed to building a diverse and talented workforce. We never discriminate on the basis of race, sex, religion, colour, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by the applicable law.We consider all qualified job-seekers with criminal histories in a manner consistent with the applicable law. Additionally, we are committed to providing reasonable accommodations to qualified individuals with physical or mental disabilities in order to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment.Come join our crew!About Usslice A new bank for a new Indiaslice’s purpose is to make the world better at using money and time, with a major focus on building the best consumer experience for your money. We’ve all felt how slow, confusing, and complicated banking can be. So, we’re reimagining it. We’re building every product from scratch to be fast, transparent, and feel good, because we believe that the best products transcend demographics, like how great music touches most of us.Our cornerstone products and services: slice savings account, slice UPI credit card, slice UPI, and slice business are designed to be simple, rewarding, and completely in your control. At slice, you’ll get to build things you’d use yourself and shape the future of banking in India. We tailor our working experience with the belief that the present moment is the only real thing in life. And we have harmony in the present the most when we feel happy and successful together.We’re backed by some of the world’s leading investors, including Tiger Global, Insight Partners, Advent International, Blume Ventures, and Gunosy Capital.
Job Title
Senior Manager -Internal Audit (Information Security and System Audit)