IT AUDITOR (Senior Level)
We are looking for high talented candidate for IT Auditor (Senior Level). This position will report to VP IT Audit Manager, and responsible for reviewing and appraising the effectiveness, efficiency and adequacy of the information systems controls and procedures as well as making practical and value-added recommendations to mitigate the risks, prepare audit reports and following up on the implementation of audit recommendations.
In addition, this position will conduct reviews over information security controls & implementation to identify cyber security risks, controls weaknesses and propose practical and value-added recommendations.
- Prepare individual audit plan, audit programs, working paper, and audit report based on defined audit assignment.
- Supervise and perform field audit, especially in assessing risk & controls for information systems audit universe, including application systems, operating systems, database, IT system infrastructure, storage, as well as IT-related physical environmental.
- Perform compliance-based audit according to IT general controls program and regulatory specific requirements (Central Bank of Indonesia and Otoritas Jasa Keuangan).
- Provide advisory/consultation services for clients / auditee in information systems risks, as well as providing value-added IT improvements.
- Perform monitoring and adequacy of the implementation of previous audit recommendation on regular basis.
- Undergraduate/Graduate degree from reputable university
- Relevant fields of studies such as information systems, computer science, or information technology related studies
- Minimum of Grade Point Average (GPA) 3.00 or equivalent
- Maximum age of 37 years old
- Fluency in English
- At least 5 years of information systems (information technology) auditing experience in large & complex IT environments (having work experience with Big-4 accounting firms will be an advantage)
- Certified in information system auditing, i.e. CISA, or information security i.e. CISSP, GSEC
- Good understanding in IT-related banking regulatory requirements, i.e. PBI/SE BI and POJK/SE OJK
- Understand IT-related control practices, i.e. CoBIT, ISO/IEC, NIST, CISecurity, as well as other IT practices i.e. ITIL, PMI-PMBOK
- Understand general banking application systems and infrastructure, i.e. core systems, internet banking, mobile banking, ATM, etc
- Able to work independently with minimum supervision
- Good communication skills, and very good in report written (in Bahasa Indonesia) is mandatory
- Good knowledge/practice in computer forensics procedure (evidence collection, acquisition, and analysis) will be an advantage