Senior Manager - IT & Cyber Security Audit

D360 Bank

Develop an IT & Cybersecurity (IT) audit plan that complies with relevant internal auditing standards. At a minimum, these will include:

• Pre and post implementation reviews of system implementations or enhancements
• IT security audits (e.g., network, operating system and data centers), the evaluation of security vulnerabilities
• General computing controls and compliance
• Reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate

Develop objectives of IT audit plan arising from changes technology landscape and regulations

Review workflows and activities in the IT audit plan to propose enhancements

Determine approaches, methodologies and tools required to measure compliance and risk of IT assets and technologies

Manage the implementation of IT audit plans, and evaluate existing audit plans for relevance and changes

Ensure adherence to IT audit standards and procedures during the conduct of audit activities

Review audit findings to assess overall state of IT governance, compliance and risks

Review evidence for accuracy and comprehensiveness to support IT audit conclusions

Prepare and report results to executives, the Audit Committee and other stakeholder groups as required

Determine key messages for communication and presentation materials to share IT audit findings and recommendations

Manage the investigation of non-compliance to IT standards and identified IT risk to determine required changes to structure, policies, processes and behaviors

Manage follow-up reviews to ensure adequacy and timeliness of corrective actions

Develop recommendations to enhance IT compliance, address risks and strengthen controls against emerging risks

Provide inputs to the development of training programs for adoption of new processes and practices designed to mitigate IT risks

Determine and manage IT audit budget and expenditures for in house and outsourced audit work

Work with lead to develop function plans and budgets

Perform any other duties assigned to by line manager related to the nature of the work

Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence and vigilance, within departmental/unit activities and operations.