Job Summary
Job Description Main Purpose of Job is to focus on the delivery of IT Audit and IT Assurance related engagements. We are looking for an IT Auditor who would support the business. The entire function aims to be a leading internal audit team with the use of best-in-class audit methodology, data analytics and advanced artificial intelligence. Key responsibilities of the role: Providing IT, data analytics and cyber security expertise to the Internal Audit Team. Leading and delivering IT, BCP and cyber security reviews across different clusters and companies within the Division. Pair up with the other members of the IA team to provide guidance and IT expertise to support delivery of non- IT audits Pair up with the other members of the IA team and enable their analytics needed source the data, assist with building the analytic and support the interpretation thereof Promote ALICE across the division, ensuring connectors are up to date, working with the relevant team members in interpreting the results and offer guidance on resolving their findings Assist with IT audits across the division for areas not covered by ALICE (projects/ BCP/ DRPs/ ITGC/ cyber reviews/ application controls etc.) Build visual tools/ dashboards to support our road to continuous auditing Being the key connector between IA team and the data/ ALICE/ IT environments & IT audits & systems Represent IA on various IT steering Committees for new system implementations Specialised Technical Capabilities: Ability to form a core technology and data risk skillset through proactively conducting research, and participating to internal and external initiatives Understands and applies the major program management approaches and practices (e.g., SDLC, ITIL, COBIT) Develops a strong knowledge of technology and data management frameworks (e.g., Technology Risk, Data Risk, Cyber Risk Maturity Model) by conducting independent research, and attending workshops, seminars, and training programs Become familiar with technology and data risk, as well as industry-specific regulations; keeps up to date with emerging trends Business report writing demonstrating ability to translate technical concepts to non-IT audience Executes Assurance Engagements: Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports Uses industry leading frameworks and tools to analyse clients documentation and identify risks that require control assurance Tests validity of clients historical financial and non-financial information, leveraging relevant standards (e.g. ISAE 3000), as appropriate Develops assurance reports to accurately present risks, related controls, and the effectiveness of those controls Ensures findings and recommendations are aligned with the audit objectives by keeping in mind the engagement business context when performing technical work during the assessment process to ensure all risk facets are considered Technical competencies: Solid grasp of technical skills and methodology Demonstrated knowledge and technical skills on "core operating systems" e.g., Windows, UNIX, etc. as well as awareness and ability to identify risks related to in-house developed systems Demonstrated knowledge and experience in performance of business process and automated controls testing on the more common applications Developing knowledge of ERP systems like SAP A good understanding of how to link risks and controls to ensure test steps and controls and risks all speak to each other; ability to research "unknown" systems or audit in-house developed systems, i.e. problem-solving/logic capabilities Developing Digital fluency and knowledge on Emerging technologies, including Cloud, RPA, AI, etc. Developing skills in Agile and DevOps. Developing further Industry experience (FSI, TMT, CB, ER&I, etc.) Behavioural Competencies: Demonstrates ability to work efficiently and meet all deadlines consistently Displays initiative and confidence Takes accountability for delivery of own work, running projects end to end individually and with minimal instruction Active participation and proactive attitude to service delivery Deadlines and quality driven, self- starter Works well within a team and with client management, as well as individually when required Strong analytical skillset Good communicator and collaborator, strong business/ report writing skills Qualifications: Minimum Qualifications Degree / Diploma Relevant industry specific certification (CISA, CISM etc.) Minimum Experience: 3 years working experience in a client facing role Desired Experience: Experience in a client facing role Demonstrate an understanding of large-scale information technology application systems, infrastructure, business processes and security standards. Demonstrate an understanding of the IT audit methodology and its application in major client industries. Power BI experience/ other data analytic tools Ability to work with and document workflows (Visio etc.) Programming would be a bonus