IT Auditor

Department : Compliance
Reports to: VP Regulatory Affairs & Chief Compliance Officer

Position Summary

To conduct risk based reviews of the institution Information Technology systems/ applications, related user accesses, infrastructure and information/ cyber security, in accordance with the approved annual Plan/ ad hoc requests from senior management, under the overall supervision/ direction of the Department Head. Also, to provide inputs from an internal control perspective on projects/ other matters, as referred to the incumbent.

Key Responsibilities

Key responsibilities include but are not limited to:
• Conduct risk assessment over IT systems, infrastructure and processes (including Information Security and BCP/ DR related processes) and develop the draft annual IT internal audit plan therefrom for discussion with the Head of Department.
• Execute the IT audit assignments as per the approved Plan for the year and ensure timely submission of final review reports to concerned senior management.
• Perform follow-up on the “Management Action Points” (MAPs) as per the established practice to ascertain satisfactory/ timely completion of agreed actions by concerned management / teams. Ensure any delays in MAP closures are timely highlighted to senior management.
• Establish and maintain healthy relationship with internal and external stakeholders.
• Work closely with other applicable external stakeholder’s viz. external auditors, regulators, AXP Compliance and Internal Audit etc. as and when required, under the direction of the Head of Department (HOD).
• Assist the HOD in providing IT (includes information security) related control inputs on various company initiatives/ programs and projects to other departments, including but not limited to developing new products, systems, processes or revising any existing procedures, etc. Also, provide similar inputs on changes to applicable regulations pertaining to information technology and information security related matters.
• Assist in investigative work, policies and procedures review and other matters as assigned from time to time by the HOD.

Requirements

Unique Knowledge & Skills

• An experienced IT audit professional with 5-7 years of experience auditing IT systems/ applications and is well-versed in auditing cloud service providers, digital applications and information security tools/ architecture.
• A graduate degree holder having a CISA qualification. Additional professional certifications in the internal audit domain shall be preferred.
• Preferably operational knowledge of the Card Business and related systems.
• Good working knowledge of MS Office– Word,excel, powerpoint, microsoft project, as well as Computer Assisted Audit Techniques (CAATs)
• Ablity to multi-task without compromising on quality and prioritise workload effectively.
• Good interpersonal skills and ability to communicate at all levels.
• Good report-writing ability with focus on highlighting issues of material risk to management.
• Ability to work independently, use initiative and give attention to detail.

Customer Centricity

• Demonstrate ability to put the customer at the centre of everything you do and apply frictionless processes for all internal and external customers.
• Proven customer experience skills that bring to life customer-centric culture, improve customer data quality to gain actionably customer experience related insights and grow customer loyalty.
• Propose customer-focused solutions
• Demonstrate key customer centric attributes towards internal and external customers by being empathetic, transparent, clear, communicative, collaborative and flexible.

CONTACTS

Internal

• Technologies Department
• Corporate Security Department
• Other functional departments (as required)

External

• AXP Internal Audit, AXP Compliance
• External Auditors, Regulators
• BCP/DR related consultants
• Vendor for screening system.

About the Company

"One Vision for Consultancy" is a one stop professional service provider specialising in:

Employment Consultancy (Human Asset Recruitment & Talent Acquisition): Using a competency based frame work; we indentify the best candidates to fit your unique organisational needs. The objective is to ensure recruitment of high potential talent for long term retention with the capability of achieving succession planning in the organisation. We offer both contingency and retained search.

Our executive team, with their strong corporate and business backgrounds and track record of success, will help you identify and recruit candidates within a short time frame to meet your business needs and requirements. We source talent worldwide as required by specifics or as set by the client.

Facilities Managed Services: We provide staffing resources and services for short as well as long term basis to support front and back office requirements.

Computer Software Design Development and Maintenance: Our objective is to first and foremost understand our clients and their requirements. We work with business alliance partners who have experience, highly skilled technical professionals, a working methodology and good industry knowledge. We provide our clients with solutions that are capable of driving projects to successful completion and customer satisfaction. Provide onsite IT professional for IT maintenance, support, system study, development, implementation or consultancy.

Technical Assistance to maintenance and operations of facilities: System studies, design, develop, implement, support, maintain and manage operational plant services.

Staff augmentation of professionals for short and long term projects.