You are required to plan and execute IT Applications control audit, Process and Governance audits of systems. An application control audit is designed to ensure that an application’s transactions and the data it outputs are secure, accurate and valid. As applications have become the primary attack vector for malicious individuals seeking to breach enterprise defenses, the application control audit has become an important tool in ensuring that software is free from flaws and vulnerabilities that might be exploited by hackers.
You are required to review IT policies and procedures while ensuring that IT controls are working effectively. You are to identify weaknesses and provide effective recommendations to enhance all different IT systems application controls while reviewing the adequacy and effectiveness of current controls, as well as the reliability and integrity of systems. You are to ensure compliance with policies, plans, procedures and regulations, and safeguard the Group assets.
In addition, you are to participate in ad-hoc projects such as fraud investigations, customer complaints and regulatory non-compliance issues.
Requirements:
- Degree in Computer Science/ Information Systems or its equivalent
- At least 2 to 3 years of IT Audit experience with a bank or financial institution is critical to excel in this role
- Hands on experience on application security framework such as NIST SP 800-53, OWASP.
- Experience on SDLC, source code, encryption, authentication and authorization standards.
- Experience on DNS, load balancing, application vulnerability and penetration testing.
- Certifications in CISA/ CISM/ CISSP or its equivalent is preferred
- Highly competent with IT audit methodologies and concepts, including COSO and COBIT
- Demonstrate capability in managing IT audit assignments independently while working as a core member of the Internal Audit team
- Good analytical skills
- Good interpersonal and communication skills with the ability to work with staff at all levels would be advantageous