• Associate Manager - Information Security (IS) Audit Internal Audit Colombo
  • NDB Bank in Colombo, , Sri Lanka
  • jobs
  • 1 month ago

jobs description

Job Categories : Banking and Financial Services,IT-SWare / Internet
Associate Manager - Information Security (IS) Audit Internal Audit

The job holder will be responsible for assisting Lead IS Auditor/Team leader/VP - internal audit in providing reasonable assurance to the Board Audit Committee (BAC) and the Management on the adequacy of the design and effectiveness of the internal controls of the Bank and the subsidiaries

• Performing Information security/systems audits/reviews of the Bank as per the approved annual audit plan
• Provide necessary value additions on IS controls based on industry standards and best practices while drafting audit findings
• Ensure that all control assessment Forms (CAF) for IT and where IS related controls are specified in other operational areas are verified during audits
• Initiate Risk Assessment of Processes (RAPs) of all auditable areas with regard to IT Risk elements
• Review the Management Action Plans (MAPs) and prepare final audit... reports for review of Lead IS Auditor while supporting the following up on the status of reported findings to ensure risks are mitigated
• Assist in reviewing policies, system, processes and practices taking in to account best practices, changes in local and international standards and changes in the business environment
• Assist in conducting Vulnerability Assessment and Penetration Tests
• Undertake special assignments, investigations and forensic analysis related to Information Technology

• Possess Bachelor's degree in Information Technology, Information Security discipline or any other related field
• Certified in CISA, CISM, CISSP, ISO 27001 Lead Auditor, etc. would be an added advantage
• Possess around 06 years of Banking/IT experience out of which minimum 04 years should be in the area of IS Audit/ Information Security/IT Risk/ IT Security
• Exposure in auditing Core Banking Applications and other supporting Banking Applications along with IT Infrastructure would be preferred
• Thorough understanding of Cyber security, IT Operations, Software Development Methodologies and relevant regulations on technology risk
• Possess good presentation and report writing skills along with excellent communication skills
• Be a good team player and contribute effectively towards continuous monitoring of IT Security controls
• Attention to detail and possess strong analytical skills

Deadline - 17th of May

Colombo Sri Lanka


Apply - Associate Manager - Information Security (IS) Audit Internal Audit Colombo