IT Audit Officer

Work Setup: Onsite (Ayala Cebu)

Schedule: 8:30AM - 5:30PM

Minimum Job Requirements:

• Candidate must be a graduate of a four-year Bachelors Degree Course in Information Technology, Computer Engineering, Computer Science, Accounting Information Systems, or a related field.
• Minimum of 3 years of experience in IT audit, cybersecurity, or information systems assurance; banking industry experience preferred.
• Relevant certifications such as Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) are advantageous.
• Knowledge of IT audit principles, cybersecurity practices, and relevant regulatory frameworks.
• Understanding of network infrastructure, IT systems, applications, and infrastructure within the banking industry.
• Proficiency in audit software (e.g., ACL, IDEA) and data analytics tools (e.g., Power BI, Excel).
• Strong analytical thinking and problem-solving skills
• Excellent verbal and written communication.
• Ability to work independently and manage multiple priorities.
• Fraud audit
• Governance, risk, and control tools and techniques.
• Influence – ability to persuade
• Updated with industry and regulatory changes and professional standards
• Auditors Code of Ethics
• Has a high degree of integrity, honesty, and professionalism.

Job Highlights:

Audit Planning and Preparation:

• Participate in the development of the IT audit plan and strategies in alignment with the banks risk-based audit approach.
• Identify key areas of IT risk and assist in defining the scope, objectives, and methodologies for IT audit engagements.
• Gather and analyze relevant information on IT infrastructure, systems, and processes to support effective audit execution.

Audit Execution:

• Conduct audits and reviews of IT controls, including but not limited to logical access, system development life cycle, change management, disaster recovery, and cybersecurity.
• Test and evaluate the adequacy and effectiveness of IT controls and security protocols.
• Review system configurations, logs, and audit trails to detect irregularities, risks, and policy violations.
• Assess compliance with IT-related regulatory requirements (e.g., BSP Circulars, Data Privacy Act, ISO/IEC 27001)

Risk Assessment:

• Identify, analyze, and assess IT risks and vulnerabilities across critical systems and infrastructure.
• Evaluate the banks IT risk management practices and recommend improvements.
• Contribute to the prioritization of IT audit areas based on emerging threats and residual risks.

Data Analysis and Evaluation:

• Utilize data analytics tools to extract, transform, and analyze large datasets for anomalies, patterns, and process inefficiencies. ·
• Validate the integrity and reliability of IT-generated reports and data used in decision-making.

Documentation and Reporting:

• Prepare clear and concise working papers and audit documentation in accordance with internal audit standards.

IT Audit Officer:

• Draft IT audit findings, including root cause analysis, risk implications, and actionable recommendations.
• Present and communicate results to management and relevant stakeholders, and follow up on corrective actions.

Compliance and Governance:

• Evaluate IT policies, procedures, and operations to ensure compliance with internal policies and external regulations.
• Provide support in internal or external regulatory examinations involving IT and information security.
• Promote strong IT governance practices in collaboration with IT and compliance units.

Process Improvement:

• Recommend process improvements to enhance operational efficiency, control effectiveness, and security.
• Keep abreast of emerging technologies, industry trends, cyber threats, and changes in the regulatory landscape.
• Contribute to the enhancement of IT audit programs, tools, and techniques.