Bachelors/Masters in Computer Sciences, Information Systems Administration or related field.
(A local Masters & Bachelor’s Degree from HEC recognized Universities or Colleges is acceptable)
ISACA certified candidates are encouraged to apply e.g. Certified Information Systems Auditor (CISA) or Certified in Risk & Information System Control (CRISC) or Certified Information Security Manager (CISM). Certified Internal Auditor (CIA) or Certified Fraud Examiner (CFE) would be a plus.
At least 6 years of professional experience in a medium or high level IT sophisticated Entity, out of which, a minimum of 3 years of experience in IT/IS Auditing, preferentially in Banking Sector at a Supervisory/Responsible level.
Ø To prepare yearly IT/IS Audit Plans in coordination with the Head of Internal Audit
Ø To ensure that the planned audits are completed when expected.
Ø To be Proactive in resolving planning conflicts, delays or ad hoc requests during the year, in coordination with the Head of Internal Audit.
Ø To prepare the scopes of assignments & respective IT/IS audit procedures.
Ø To exercise the IT/IS Audit Engagements in identifying, probing and documenting the audit issues and recommending for improvement.
Ø To conduct the Exit Meetings with the Auditees.
Ø To Draft the IT/IS Audit Reports & the Auditees Rectification Remarks and archive the relevant Evidences, to ensure the completeness, accuracy and validity of audit findings and recommendations.
Ø To finalize the Auditees Ratings in view of their Audit Reports.
Ø Ensure that the engagement audit files are complete in all respects and its archiving is in compliance with the Internal Audit operating policies.
Ø To communicate the results of audit reports & inferences via timely written reports, according to planned reporting schedule or as required by his Line Manager.
Ø To keep his Line Manager posted about the Audit Assignments vis-à-vis Actual vs Budget.
Ø Hands-on knowledge about IT General Controls (ITGC) to assess i.e IT entity level Controls, Change Management, Information Security, Back-up & Recovery, Third Party IT Providers (Vendor Management)
Ø Sound concepts of IT sophistication w.r.t Servers, Networks, work Stations, Applications, and Remote Locations etc.
Ø Local Regulatory Requirements in the context.
Ø Effectiveness and Efficiency of IT/IS Control Environment.
Ø To Identify Control Gaps and Opportunities for Improvement.
Ø A sufficient idea about the Policies & Procedures of IT Deptt at Head office level.
Ø A sound concept of Internal Control Environment w.r.t COSO Framework.
Ø Review security measures for breaches and corrective action.
Ø Review authorization of sensitive functions and segregation of duties.
Ø Review system development life cycle.
Ø Review availability and supportability of the applications.
Ø Perform audit of the database/application and review policies, standards, procedures, configuration and management of the database systems.
Ø Review logs of audit trails for application activities.
Ø Perform extensive CAATS on application data.
Ø Team Player - Collaborate and support colleagues and peers across the organization, while still being able to work independently when needed.
Ø Geared up to keep a creative communication with the Internal Customers to understand their business perspective & their priorities and their issues.
Ø He will have strong skills in negotiating, relationship building, problem solving, and timely problem escalation.
Ø Ability to build relationships while asking tough questions
Ø To develop & maintain a lateral synergy with other Managers in the IAD.
Ø Assist his Line Manager in hiring, training, and evaluating staff, and taking effective actions to address performance matters.
Ø Participate in audit engagements with the other Audit Managers, within the Global internal audit group: collaborate and contribute for the effective realization of the joint audit assignments.
Ø Managerial thinking
Ø Confident about his skill-set & professionally mature.
Ø An objective, logical & enquiring mind.
Ø Planned and well organized approach towards work.
Ø Problem resolving approach
Ø Ability to give constructive feedback.
Ø Results Oriented - who would meet deadlines on assignments, juggle multiple demands and to work with all types of individuals.
Ø Team management
Ø Time management
Ø Stress management
Ø Analytical skills
Ø Quality assurance
Ø To maintain a perpetual knowledge base of local issues, topics and relevant information.
Ø Eager to pursue professional development opportunities including external and internal training and professional association memberships.
Ø Head of Internal Audit