The following position is vacant in a leading bank. Applicants NOT fulfilling experience, educational and knowledge requirements need not apply.

Reporting Line: Directly to IT / IS Audit Manager / subsequently to Head Office Audit In-charge

Key Responsibilities:

- Plan annual audits

- Execute audit programs and test steps, perform and review audits

- Review security policies and procedures

- Ensure new technologies meet security requirements

- Undertake technical security tasks, such as vulnerability assessments, penetration testing, servers hardening, log monitoring, etc.

- Improve information security continually in the organization by providing security advisories for vulnerabilities, patches, etc.

- Follow-up with management on audit report responses to ensure compliance.

- Draft complete and detailed audit reports and recommend value added solutions.

- Communicate with Head of functional audit regarding audit and project status.

- Other duties as required by the management

Applicant must have knowledge of:

- Understanding of audit methodologies

- Software development lifecycle / methodologies / programming languages

- Network topologies / security concerns

- Database design / queries

- Banking / financial information systems

Preference will be given to people with knowledge of:

- Regulatory requirements regarding information systems and related concerns

- Risk-based auditing approach

- COBIT / ITIL frameworks

- ISO 27001:2005 standard for IT Security

- BS-25999 for Business Continuity

Educational requirements:

- Bachelors and/or Masters degree preferably in IT/Computer Systems

- Certifications such as CISA/CIA are desirable

- IT related certifications such as CCNA/CCNP/SCJP are preferred but not mandatory

Experience requirements:

- Minimum of 2 years field work in IT

- Minimum of 2 years IS Auditing experience