AVP, Information Systems Audit

Key Responsibilities:

Responsible to carry out audits with the objectives to :

1. Provide an independent and objective assurance that the auditee’s operations are effectively conducted in accordance to established performance standards and best practice.
2. To supervise, manage and perform risk based audits of IT Audit ensuring that governance, risk management and controls are in place to mitigate risks.
3. Evaluate the management processes, risk management processes, internal control and compliance framework and governance processes and highlighting gaps, if any.
4. Provide independent and objective assurance that the Risk Management Processes put in place by Management is sound and implemented with integrity.
5. Provide independent and objective assurance on the adequacy, effectiveness and efficiency of system of Internal Control to manage all critical risks.
6. Assist the Head of ISA Department in the planning and execution of the ISA audit plan and ad-hoc assignments.
7. Mentoring and guiding ISA team members as well as provide training on identified specialised subject matter (i.e. Cyber Security, risk and controls).

Requirements:

Skills

1. Communication – Verbal and Written
2. Problem Solving
3. Analytical
4. Decision Making
5. Risk Based Assessment
6. Report Writing
7. Planning & Organisation
8. Time Management
9. Management & Supervisory
10. Leadership

Knowledge

1. Information systems / security risk and controls knowledge, preferably with banking products, operations and information systems / infrastructure knowledge.
2. Relevant tertiary or professional certification knowledge in audit / assurance, information systems, and cyber security areas.
3. IT Risk management framework and processes.
4. Best practices of audit techniques and up to-date audit practices including that of cyber security, network devices, encryption techniques, operating systems, databases, cloud technologies, robotic process automation and artificial intelligence.
5. Knowledge on IT & Cyber Security areas as well as key leading Security Frameworks such as ISO 27001, NIST, COBIT and BNM Regulatory requirements.
6. Experiences with project implementation audits, data analytics for audit and process innovations are advantageous.

Experience

1. 1. Degree or good knowledge in related discipline.
   2. Preferable with a recognised certification such as CISA, CISM, CRISC, CIA, CBA, CISSP or equivalent.
   3. At least 6-8 years working experiences, with minimum of 2 years of experiences in managing / supervising relevant audit teams for established financial institutions or large professional services firms.