Develop and execute a detailed audit work plan for the IT audit component of the IA team.
Perform IT security assessment processes, including audit and organizational policy and standards review.
Draft and assist in reporting audit results to head of IA.
Assess and communicate audit results, translate findings into level of risk and drive remediation of key issues in a timely manner.
Draft and analyze audit reports.
Establish metrics and monitor efficiencies
Develop a sustainable IT system controls framework that is adhered to and effective.
Manage the evaluation of design and operational effectiveness of IT System Controls.
General Controls and business cycle application controls.
Participate in compliance related activities as required
Guide and coach junior team members as and when required
Required skills and qualifications:
Understanding of public accounting practices and procedures and internal audit process, technology and tools for planning, design, performance, testing and reporting.
Thorough knowledge of information technology general controls concepts in the areas of system development, change management, computer operations and access to programs and data and experience identifying and assessing business process controls and linkage to IT systems.
Solid understanding of IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, investigations and ethics.
Considerable experience applying internal control principles and business/technical knowledge, including Application Controls and IT General Controls; financial reporting concepts; and, considerable working experience applying professional skepticism skills.
Professional qualifications such as CISA/CISSP would be advantageous.
Excellent communication skills would be a pre-requisite due to the need to liaise with senior stakeholders in the business.