IS AUDIT LEAD

As an Internal Audit professional in the Information Security Audit Department, you will be expected to possess the following skills: - Expertise in Cloud Security, Cyber Security, Security Operations and Surveillance, Information security and privacy controls, and Banking Technologies. - Conduct IS audits across various technology segments including ITGC controls, VA, PT, APPSEC, NSAR, CA, BCP, DR, Cloud Security, Cyber Security, Security Operations and Surveillance, Information security and privacy controls, IT Processes Data Centre Operations, identity and Access Management, Change Management, Incident Management, etc. - Assist in implementing risk-based audit plans to ensure the safety and soundness of the Bank. - Ensure timely completion of assigned audits and documentation of work papers. - Provide improvement suggestions to the existing processes/systems to line management. - Keep the Audit Procedure Manual and checklists current and updated. In terms of People Management or Self-Management Responsibilities, you will be expected to: - Define performance goals in discussion with the reporting manager and ensure their monitoring and achievement throughout the year. - Take ownership of your learning agenda by identifying development needs and working towards bridging the gaps through various means. - Understand and display relevant competencies for your role effectively. - Stay updated on professional/industry, regulatory developments, and current issues through continued education and professional networks. Regarding Risk and Internal Control Responsibilities, you will need to: - Follow risk policy and processes to mitigate operational, regulatory, financial, informational, reputational, and audit risks. - Execute established internal control systems and compile relevant information for departmental audits. - Possess strong presentation skills and a good working knowledge of applicable regulatory compliances. Your technical competencies should include: - ITGC Controls - Risk assessments - VA, PT, APPSEC, NSAR, CA - Information Security standards ISO 27001 - BCP and DR - Cloud Security - Cyber Security - Security Operations and Surveillance - Information security and privacy controls - Banking Technologies Certifications such as CISA are mandatory, and CISSP and CRISC are beneficial.,