We are looking for high talented candidate for IT Auditor (Senior Manager). This position will report to VP IT Audit Manager, and responsible for reviewing and appraising the effectiveness, efficiency and adequacy of the information systems controls and procedures as well as making practical and value-
added recommendations to mitigate the risks, prepare audit reports and following up on the implementation of audit recommendations.
In addition, this position will conduct reviews over data centers, networks, operating systems, and key IT control processes, weaknesses and propose practical and value-added recommendations.
Specific areas of focus within the Infrastructure & Network IT Audit team portfolio include :
Data center environmental and physical security controls
IT operations, including service availability management, system monitoring and batch processing
Change, problem & incident management
Business continuity management
Capacity management for IT infrastructure and network
IT asset management and inventories
Platform engineering and support for core banking, midrange and distributed platforms, including configuration, build, vulnerability and patch management
IT governance, including strategic design, executive reporting and process management
Data storage and transmission management
IT end-user support services and tools, including work-station, messaging and mobile technologies
Infrastructure and supporting technology, such as intranet, mail exchange, active directory, proxy, anti virus, and VOIP
Prepare individual audit plan, audit programs, working paper, and audit report based on defined audit assignment.
Perform field audit, especially in assessing risk & controls for information systems audit universe, including application systems, operating systems, database, IT system infrastructure, storage, as well as IT-
related physical environmental.
Perform compliance-based audit according to IT general controls program and regulatory specific requirements (Central Bank of Indonesia and Otoritas Jasa Keuangan).
Provide advisory / consultation services for clients / auditee in information systems risks, as well as providing value-added IT improvements.
Perform monitoring and adequacy of the implementation of previous audit recommendation on regular basis.
Undergraduate / Graduate degree from reputable university
Relevant fields of studies such as information systems, computer science, or information technology related studies
Minimum of Grade Point Average (GPA) 3.00 or equivalent
Maximum age of 35 years old
5+ years of information systems (information technology) operational, strategy and / or auditing experience in large & complex IT environments
Certified in information system auditing, i.e. CISA
Good understanding in IT-related banking regulatory requirements, i.e. PBI / SE BI and POJK / SE OJK
Strong analytical, written communication, interpersonal, organizational, and presentation skills
Able to work independently with minimum supervision
Understand general banking application systems and infrastructure, i.e. core systems, internet banking, mobile banking, ATM, etc
Strong understanding and demonstrated experience using IT control methodologies and standards, including knowledge of some of the following industry frameworks : CoBIT, ISO / IEC, ITIL, NIST, PMI-PMBOK, PCI-DSS
Demonstrates knowledge in one or more critical areas of technology including operating systems, data centers, and network technologies (routers, switches, firewalls)
Proficient with a broad knowledge in the following information technology processes : application development, production management, information security and data governance
Audit experience at a financial institution or accounting firm (having work experience with Big-4 accounting firms will be an advantage)
Experience designing, integrating and managing complex infrastructure solutions
Experience building enterprise architecture roadmap
Experience in the following areas : cloud computing virtualization, middleware messaging, web security tools, and database management systems (Oracle, Sybase, DB2, MS SQL)