Job Description

Bank ABC seeks to recruit a Senior Auditor - IT & Digital in the Group Audit Department.

The job holder will be responsible to support Group Audit in providing assurance to Senior Management and the Audit Committee on the adequacy and effectiveness of internal controls primarily related to all aspects of Information Technology, Information & Cyber Security, Business Continuity Management, Digital, Operational and IT Risk Management. It includes: Delivery of audit assignments in line with the annual plan and scope Providing ongoing business monitoring, risk assessment and input to the annual audit plan Managing relationships within the organization or external parties Adhering to and contributing for the maintenance of Audit methodology, practices and supporting tools Responsibilities of the role: Reporting to the Audit Head - Group IT, CISO, BCM and Risk Management, the job holder will be required to: Monitor business activity to identify any changes in risk profiles or deterioration in control environment and updating audit risk assessment and plans to align with emerging risks/control issues - these can be achieved through activities such as regular meetings with local heads of functions / departments; Keep abreast of new laws, regulations, rules, Group and local policies, products, technologies and projects and consider implications. Assist the Audit Head in maintaining a structured inventory of auditable entities representing the total population of Units, functions, departments, branches and representative offices. Contribute to the development of the Annual Audit Plan based on risk assessment taking into account business monitoring activities and specific requests from Management. Perform audit assignments in line with the approved Annual Audit Plan, on time and within budget. Adhere to Group Audit and international standards and requirements related to the IIA code of ethics, principles, staffing, methodology and the quality of work papers, deliverables and reporting. Maintain an appropriate, pro-active, constructive and balanced relationship with Management; supporting Group Audit in the fulfillment of obligations and responsibilities in respect of governance, risk management and internal controls. Support Group Audit with pro-active and effective tracking / monitoring of progress achieved with the implementation of agreed corrective action plans related to audit reports published. Pursue continuous development of knowledge, skills, experience and professional certifications to support Internal Audit responsibilities. Seek coaching and mentoring with more experienced colleagues whenever required for career development and achieving greater responsibilities in future. Areas of Knowledge, Qualification and Experience Preferably 5+ years of professional experience, with a minimum of 3 years in the IT audit / assurance field within financial services; University degree preferably in Information Technology, Computer Science or related subjects. Preferably post-graduated; Desirable possessing relevant professional certifications such as CISA or CISSP Strong knowledge of processes and controls related to the technical aspects of Operational Resilience (i.e. Information Technology, Information & Cyber Security, IT Disaster Recovery Management, 3rd party management and IT & Cyber Risk Management); Exposure to Digital Transformation and/or Innovation projects; Proven experience in the identification and assessment of risks and controls related to IT, Information & Cyber Security and Digital initiatives; Experience in performing technical audits and business-integrated audits; Familiarity with agile methodologies; Exposure to one or more of the following IT processes: application development and support, change and release management, incident and problem management and logical access management; Knowledge from hands-on or auditing controls associated with one or more of the following on-premises/cloud technology platforms: databases (Oracle, SQL Server), operating systems (Windows, Unix, Linux), virtualization, networking and telecommunications; Exposure to IT & Cyber Security controls for end-user, data, application, network and perimeter Good understanding of financial services and electronic payment services Familiarity with mobile banking applications, digital banking, cloud computing, APIs, Fintech, agile project methodologies among others; Familiarity with and exposure to different audit methodologies and with workflow-based audit software e.g. SAI Global-BWise, Teammate, etc. Knowledge of COBIT, ISO 27000 series NIST and other industry standard frameworks Knowledge of regulatory requirements related to Technology, Cyber Security, Data Protection, Cloud Computing and Business Continuity; Fluent in English (and a second language is desirable, French or Arabic)