IT Internal Audit

Job Description:

Main Responsibilities:

• Conduct risk assessments and identify potential IT risks within the organization's systems and processes.
• Evaluate the adequacy and effectiveness of internal controls related to IT systems, including security, access controls, change management, and data integrity.
• Perform IT audits to assess compliance with industry standards, regulatory requirements, and company policies.
• Review and analyze IT policies, procedures, and documentation to ensure they are up to date and align with best practices.
• Identify weaknesses or gaps in IT controls and provide recommendations for improvement.
• Collaborate with IT and business stakeholders to develop remediation plans and track progress on identified issues.
• Stay updated on emerging trends and developments in IT auditing, cybersecurity, and regulatory requirements to ensure the company's IT environment remains compliant and secure.
• Perform data analysis and utilize data analytics tools to identify patterns, anomalies, or trends that may indicate potential risks or control deficiencies.
• Prepare clear, concise, and comprehensive audit reports summarizing findings, recommendations, and action plans.
• Present audit findings to management and provide guidance on implementing recommended improvements.
• Assist in the development and maintenance of the annual IT audit plan.
• Participate in special projects or initiatives as assigned by management.

Education and Trainings/ Experience:

• Bachelor's degree in information technology, computer science, or a related field.
• Professional certifications desirable such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or Certified Information Systems Security Professional (CISSP) are preferred.
• Proven experience 5 Years experience in IT auditing, preferably within the financial services or e-payment industry.
• Strong knowledge of IT governance frameworks, such as COBIT or ITIL.
• Familiarity with industry regulations and standards, such as PCI DSS, ISO 27001.
• Proficiency in performing risk assessments, developing audit plans, and executing audit procedures.
• Solid understanding of IT systems, including networks, databases, operating systems, and application controls.
• Experience with data analytics and proficiency in using data analysis tools.
• Excellent analytical and problem-solving skills, with the ability to think critically and identify control weaknesses or process improvements.
• Strong written and verbal communication skills, including the ability to present complex technical concepts to non-technical stakeholders.