- Conduct risk assessments and identify potential IT risks within the organization's systems and processes.
- Evaluate the adequacy and effectiveness of internal controls related to IT systems, including security, access controls, change management, and data integrity.
- Perform IT audits to assess compliance with industry standards, regulatory requirements, and company policies.
- Review and analyze IT policies, procedures, and documentation to ensure they are up to date and align with best practices.
- Identify weaknesses or gaps in IT controls and provide recommendations for improvement.
- Collaborate with IT and business stakeholders to develop remediation plans and track progress on identified issues.
- Stay updated on emerging trends and developments in IT auditing, cybersecurity, and regulatory requirements to ensure the company's IT environment remains compliant and secure.
- Perform data analysis and utilize data analytics tools to identify patterns, anomalies, or trends that may indicate potential risks or control deficiencies.
- Prepare clear, concise, and comprehensive audit reports summarizing findings, recommendations, and action plans.
- Present audit findings to management and provide guidance on implementing recommended improvements.
- Assist in the development and maintenance of the annual IT audit plan.
- Participate in special projects or initiatives as assigned by management.
Education and Trainings/ Experience:
- Bachelor's degree in information technology, computer science, or a related field.
- Professional certifications desirable such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or Certified Information Systems Security Professional (CISSP) are preferred.
- Proven experience 5 Years experience in IT auditing, preferably within the financial services or e-payment industry.
- Strong knowledge of IT governance frameworks, such as COBIT or ITIL.
- Familiarity with industry regulations and standards, such as PCI DSS, ISO 27001.
- Proficiency in performing risk assessments, developing audit plans, and executing audit procedures.
- Solid understanding of IT systems, including networks, databases, operating systems, and application controls.
- Experience with data analytics and proficiency in using data analysis tools.
- Excellent analytical and problem-solving skills, with the ability to think critically and identify control weaknesses or process improvements.
- Strong written and verbal communication skills, including the ability to present complex technical concepts to non-technical stakeholders.