Job Description
Title: Head of IT Audit (Up to FVP)
Company Name: Bank Asia PLC
Vacancy: --
Location: Dhaka
Experience:
∎ 8 to 15 years
∎ The applicants should have experience in the following business area(s):Banks
Published: 20 Nov 2024
Education:
∎ Bachelor of Science (BSc) in Computer Science & Engineering
∎ B. Sc. In Computer Science & Engineering/ Computer Science/ Information Technology/ Information Security/ Cyber Security, etc. having no Third class/Division in academic career.
∎ Relevant Professional Certification from ISACA (CISA/ CISM, CRISC/ CGEIT/), ISC2 (CISSP/ CCSP), IIA, EC-Council (CEH/ CHFI/ CCISO/ CPENT), ISO 27001 (ISMS) Lead Auditor/ ISO 22301 (BCMS) Lead Auditor/ Lead Implementer, RHCE, ITIL, etc. will be an added advantage
Requirements:
Additional Requirements:
Responsibilities & Context:
∎ Conduct annual business plan using a risk-based approach for Information Systems audits, including branches.
∎ Implement Information Technology audits for all the relevant technical systems.
∎ Compliance assessment of regulatory guidelines, policies, and processes.
∎ Monitor IT general control and application control for its effectiveness.
∎ Information Technology and Information Security Risk Assessment.
∎ Risk Assessment of ADC channels, digital banking, and payment gateways.
∎ Provide consultancy to relevant stakeholders.
∎ Ensure timely execution of annual audit plans and perform audits to achieve the annual audit plan in critical areas.
∎ Ensure that sufficient and appropriate audit evidence with necessary supporting documents is collected and audit programs are updated.
∎ Prepare audit reports, summary reports, audit programs, etc.
∎ Keep updated banking knowledge, Bangladesh Bank guidelines, circulars, auditing standards, changing/ amendment of law/regulations, ISO, NIST, OWSAP, etc.
∎ Identify significant risk areas and/or control weaknesses and inform the management.
∎ Assist in conducting investigations, including any other special assignments.
∎ Ensure that Audit IT systems, platforms, and operating procedures comply with the established corporate standards for efficiency, accuracy, and security.
∎ Analyze and document all information systems and related controls, and develop an appropriate audit program to test them.
∎ Analyze, assess and evaluate the risk of core banking, card management, and other satellite and middleware applications from security and regulatory compliance perspective.
∎ Review audit reports and ensure that recommendations are incorporated.
∎ Technical assessment of information security solutions, like SIEM, PAM, SOAR, DLP, Web Gateway, Firewall, MDM, etc.
∎ Maintain good liaison with regulators and other stakeholders.
∎ Present the audit findings, annual planning, etc. to the Management and Board Audit Committee.
∎ Evaluate IT infrastructure in terms of risk to the organization and establish controls to mitigate loss.
∎ Technical assessment of payment channels like ATM, POS, EFT, etc.
∎ Perform data analysis with appropriate CAAT.
∎ Perform IT procurement-related pre-audits.
∎ Sound reporting, reviewing and presentation skills.
∎ Conduct annual business plan using a risk-based approach for Information Systems audits, including branches.
∎ Implement Information Technology audits for all the relevant technical systems.
∎ Compliance assessment of regulatory guidelines, policies, and processes.
∎ Monitor IT general control and application control for its effectiveness.
∎ Information Technology and Information Security Risk Assessment.
∎ Risk Assessment of ADC channels, digital banking, and payment gateways.
∎ Provide consultancy to relevant stakeholders.
∎ Ensure timely execution of annual audit plans and perform audits to achieve the annual audit plan in critical areas.
∎ Ensure that sufficient and appropriate audit evidence with necessary supporting documents is collected and audit programs are updated.
∎ Prepare audit reports, summary reports, audit programs, etc.
∎ Keep updated banking knowledge, Bangladesh Bank guidelines, circulars, auditing standards, changing/ amendment of law/regulations, ISO, NIST, OWSAP, etc.
∎ Identify significant risk areas and/or control weaknesses and inform the management.
∎ Assist in conducting investigations, including any other special assignments.
∎ Ensure that Audit IT systems, platforms, and operating procedures comply with the established corporate standards for efficiency, accuracy, and security.
∎ Analyze and document all information systems and related controls, and develop an appropriate audit program to test them.
∎ Analyze, assess and evaluate the risk of core banking, card management, and other satellite and middleware applications from security and regulatory compliance perspective.
∎ Review audit reports and ensure that recommendations are incorporated.
∎ Technical assessment of information security solutions, like SIEM, PAM, SOAR, DLP, Web Gateway, Firewall, MDM, etc.
∎ Maintain good liaison with regulators and other stakeholders.
∎ Present the audit findings, annual planning, etc. to the Management and Board Audit Committee.
∎ Evaluate IT infrastructure in terms of risk to the organization and establish controls to mitigate loss.
∎ Technical assessment of payment channels like ATM, POS, EFT, etc.
∎ Perform data analysis with appropriate CAAT.
∎ Perform IT procurement-related pre-audits.
∎ Sound reporting, reviewing and presentation skills.
Workplace:
∎ Work at office
Employment Status: Full Time
Job Location: Dhaka
Company Information:
∎ Bank Asia PLC
∎ Bank Asia Tower, 32 & 34, Kazi Nazrul Islam Avenue, Karwan Bazar, Dhaka
∎ Bank
Address::
∎ Bank Asia Tower, 32 & 34, Kazi Nazrul Islam Avenue, Karwan Bazar, Dhaka
∎ Bank
Read Before Apply: Please apply only who are fulfilling all the requirements of this job
Application Deadline: 30 Nov 2024
Category: Bank/Non-Bank Fin. Institution
