Job Description

Reporting to the Deputy Head of the Audit and Risk division, your key responsibilities would include the following:

• Undertake audit projects that meet department and other appropriate standards (e.g.IIA).
• Conduct risk assessments and audit on IT governance and compliance within required timeline.
• Establish risk-based audit programs and determine scope of review in conjunction with the Deputy Head and Head of Audit & Risk.
• Work collaboratively with other team members to ensure audit work and other projects undertaken throughout the Organization provides appropriate assurance.
• Influence and facilitate changes to improve the controls environment to mitigate risks to an acceptable level.
• Work with the team to maintain and develop relationships with key stakeholders to help ensure the audit work carried out adequately addresses the key risks in the Organisation.
• Ensure management actions plans for control issues identified are followed-up in a timely manner.
• Provide advisory in IT security and system control during pre- and post-implementation.
• Prepare and assist with the preparation of appropriate Management and Audit Committee reporting requirements
• Deliver ad-hoc projects which includes, but is not limited to investigations,policies and procedures, training, etc.
• Research and lead the continuous improvement of the audit standards, guidelines, expertise and methodology relevant to IT/cybersecurity audit (e.g. risk assessment methodology, audit processes/workflows, audit quality control etc.).

• Degree in Information Security, Business Management, Information Systems, Computer Science or other related discipline
• Preferably with professional qualifications such as CISA, CISSP, CRISC, CISM or CIA
• Proficiency in using computer assisted audit tools such as IDEA and ACL