Friday, May 25, 2018

IT Auditor



 As an IT auditor you will have to execute your IT audit knowledge across the organization to ensure the compliance with the standardized polices and procedures.

Client Details

This is a very well established and successful organization with a global presence and ambitious plans to expand on their already existing diverse portfolio of products and services.

Description

* Conduct Information security risk assessments and assist in the development of risk-based audit programs
* Preparation of system notes for process under review using narratives and/or flow charts and assist in identification of key risks and controls in place to mitigate such risk.
* Perform Infrastructure and Network Reviews, General Controls and Applications Reviews, Pre and Post Implementation Reviews, Compliance Examinations and Reviews, and Integrated Audits
* Conduct engagements to assess the security of infrastructure components such as operating systems, databases, webservers, email servers, etc. in accordance with P&Ps, relevant benchmarks and vendor specific security hardening guidelines
* Conduct security and configuration reviews of security infrastructure such as firewalls, routers, switches, IDS/IPS, anti-virus and anti-spam applications, and wireless security, and assess network security controls. Review the existing LAN / WAN network and flow diagrams to identify security design flaws
* Conduct external, internal and role based penetration testing and vulnerability assessment using relevant tools as part of audits
* Auditing/Monitoring of incidents related to cyber-attack, security violations and other incidents (e.g. virus infections, compromised information, data integrity problems, etc.) to ensure that the first and second lines of defense continuous monitoring efforts are reliable and responsive to risks and in compliance with approved security procedures
* Assess and review adequacy and effectiveness of controls on emerging digital and infrastructure technologies that may give rise to new risks for the organization (e.g. internet technology, mobile technology, cloud technology, social technology, etc.) and develop and update audit programs to cover these areas during audits
* Assist in the development of detailed audit work papers incorporating test schedules to ensure that the audit objectives are met
* Completion of audit steps/tests assigned to self within agreed time budgets. Keep the in-charge / Manager informed of progress for any project time extension
* Based on evidence gathered and testing performed, conclude clearly on each step assigned bearing in mind that the internal controls being tested are suitable, efficient and effective and the audit objective has been met
* Responsible for discussing and validating any audit exceptions /weaknesses/concerns highlighted during reviews with client, identifying related risks, recommend corrective action/improvements and document relevant Management responses for the exception
* Contribute to the identification of key risks and controls during each audit project and evaluate and report on the adequacy and effectiveness of the entity level internal controls
* Perform data analytics through standard tools (e.g. ACL) to identify exceptions during audits.
* Identify new/emerging risks, if any, and appraise the Audit Manager and determine whether the same warrants any additional work
* Attend exit meetings and prepare draft audit report for timely submission to Audit Manager
* Completion and wrap-up of relevant Teammate file (EWP) in compliance with established Departmental quality standards
* Ensure compliance with the Internal Audit Departmental standards and Policies and Procedures and Quality Assurance Program in addition to the company policies and procedures

Job Offer

* Joining an incredible organization
* An attractive tax-free salary
* Additional benefits.

Requirements
* Should possess a Bachelors/Master's degree in Computer Science, Telecommunications, Computer Engineering, Networking or related field
* Should possess relevant professional certifications or should be studying towards qualification e.g. CISA, CEH, OSCP, CISM, CISSP, etc
* Minimum 6-8 years working experience in IT audit, IT security, IT Technical background
* Understanding the application of audit management software (ACL, Excel, Teammate, etc.)
* Ability to work independently and within a team environment
* Working knowledge of commercial tools such as Nessus, Core Impact, open source tools like Nmap, Metasploit and KALI Linux, as applicable during audits
* In depth technical knowledge on a variety of IT platforms, databases and network components (Unix, AS400, Windows, SQL, Oracle, Firewalls, Routers, Switches, IDS/IPS, Middleware, etc.).

About the Company
Michael Page is one of the world’s leading professional recruitment consultancies, specializing in the placement of candidates in permanent, contract, temporary and interim positions with clients around the world.

The Group has operations in the UK, Continental Europe, Asia-Pacific and the Americas. In the Middle East we focus on the areas of:

Finance & Accounting Banking & Financial Services Procurement Property & Construction Engineering & Supply Chain Oil & Gas Technical and Engineering Human Resources Sales Marketing Technology Secretarial Executive Search Legal

The Group operates through 161 offices in 33 countries and employs over 5,000 employees worldwide.

No comments:

Post a Comment