Associate Manager/ Manager, Information & Communication Technology Audit, ICC

Job Description

Title: Associate Manager/ Manager, Information & Communication Technology Audit, ICC

Company Name: BRAC Bank PLC

Vacancy: --

Age: Na

Job Location: Anywhere in Bangladesh

Salary: --

Experience:

• At least 5 years
• The applicants should have experience in the following business area(s): Banks

• Masters
• Bachelor/Honors

Master/bachelor’s degree from a reputed university in Computer Science/IT/related fields.

• At least 5 years
• The applicants should have experience in the following business area(s): Banks

• At least five years of relevant experience.

• Relevant professional certifications from ISACA, ISC2, IIA, EC-Council, RHCE, CEH, ITIL, etc.

• Experience in IT and banking IT Systems.

• Sound analytical skills.

• Knowledge of risk management and business continuity.

• Stay up to date with the latest IT security and vulnerability management practices.

• Sound knowledge in agile/DevSecOps process.

• Quickly adapt to the dynamic and challenging environment.

• Be customer-centric, team player, and keen to develop others.

BRAC Bank PLC is a full-service private commercial bank in Bangladesh, aiming to become the most trusted, innovative and inclusive bank, driven by purpose and powered by people. It plays a pivotal role in shaping the country`s financial future, with a clear focus on sustainability. With the highest market capitalization, the highest international shareholding and the country`s best credit rating, the bank leads the Bangladesh banking industry in key financial metrics. BRAC Bank is considered the standard bearer of good governance, ethics and values-based banking. BRAC Bank today serves as a trusted partner for individuals and businesses across every segment of the economy - Small & Medium Enterprises (SME), Corporate & Institutional and Retail Banking.

BRAC Bank is currently looking for an ambitious, intelligent, goal-oriented and enthusiastic individual for the following position in its Internal Control and Compliance Division:

Employment Type: Full-time

Job Grade: PO/SPO

Key Responsibilities:

• Perform end-to-end audits in IT, Information Security, and Cloud Security from initiation / risk assessment, planning, development of work program and execution, and reporting.

• Identify and analyze software bugs and operational errors, and verify that bug fixes are implemented correctly.

• Review quality assurance testing, including manual and automated testing, to identify functional and operational issues, inconsistencies, and security vulnerabilities.

• Identify potential risks related to data security, IT processes, and compliance with regulatory requirements and industry standards.

• Plan and design audit procedures and strategies based on the organization`s specific needs and objectives.

• Conduct audits of IT systems, applications, and processes to assess their effectiveness, security, and compliance.

• Maintain detailed records of audit findings, including vulnerabilities, weaknesses, and recommendations.

• Ensure that the organization`s IT practices adhere to relevant laws, regulations, and industry standards (e.g., BB ICT and Cloud Guidelines, ISO 27001, PCI DSS).

• Provide recommendations and action plans to address identified vulnerabilities and improve IT security and efficiency.

• Communicate audit findings and recommendations to relevant stakeholders, including management and IT teams.

• Stay updated on emerging threats, technologies, and industry best practices to enhance the organization`s cybersecurity posture continually.

• Keeping updated about banking knowledge, BB guidelines, circulars, auditing standards, changing/ amendment of law/regulations etc.

• Adequately analyze, assess, and evaluate the risk of IT and Information security systems and applications.

• Conduct data analysis using suitable Computer-Assisted Audit Technique (CAAT).