- Conduct efficient and effective IT audit procedures.
- Develop a strong understanding of business and system processes.
- Establish IT audit plan based on identified risk regularly.
- Review, evaluate and conduct test application controls and IT general controls, to examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk and develop remediation strategies.
- Provide recommendations and guidance on identified security and control risks.
- Prepare and coordinate directly with the superior to report results of audit reviews and testing.
- Compilation of process documentation, performance of interviews/walkthroughs, execution of audit testing, and documentation of results/deficiencies.
- Monitor the implementation of remediation plan.
- Minimum of a Bachelor's degree in Information Technology/Computer Information Systems or Finance degree.
- Having one of professional qualification, such as CISA, CIRSC, CEH, CISSP.
- 5 years of work experience as an internal or external IT Auditor.
- Financial services industry experience preferred.
- Experience with Network and infrastructure security audit with various IT platform, operating system.
- Experience in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy and Security Audits.
- Experience with IT Application Control Review and Data analytics.
- Detailed familiarity with SDLC projects, change management and other general controls.
- Clear understanding of IT audit methodologies.
- Strong understanding of COBIT, ISO 27001:(2013), PCI-DSS and other security standards.
- Ability to work under pressure in a fast-paced environment.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Great awareness of cyber security trends and hacking techniques.
Dana