SK Finance - Manager - IT Audit

About the Job:

- As the Manager of IT Audit, you will be responsible for ensuring the adherence to a risk-based internal audit plan.

- Your role will involve performing thorough application audits and evaluating systems for compliance with security protocols and industry standards.

Here are the key responsibilities and duties:

Audit Planning and Execution:

- Adhere to and manage the execution of the risk-based internal audit plan.

- Conduct comprehensive system audits, evaluating the overall integrity and functionality of organizational systems.

- Perform application audits and assess adherence to security protocols and industry standards.

Documentation and Reporting:

- Develop and maintain audit documentation, including risk assessments, working papers, audit program checklists, evidence gathering, and report writing.

- Review and ensure timely and accurate documentation for regulatory submissions, such as cyber-related returns, in compliance with relevant standards.

Data Center and Disaster Recovery:

- Conduct audits of data centers and disaster recovery sites to ensure proper operational practices and adherence to recovery protocols.

Vendor and IT Governance Audits:

- Perform audits of IT vendors to ensure compliance with contractual and security requirements.

- Assist in IT governance audits, reviewing and assessing governance frameworks and practices.

Process Review and Improvement:

- Review Standard Operating Procedures (SOPs) and Risk Control Matrices (RCMs) to ensure effectiveness and compliance.

- Communicate findings and enforce support processes through follow-up and closure of audit issues.

Industry Awareness:

- Stay abreast of industry trends, emerging threats, and regulatory changes to continuously inform and enhance security practices and audit methodologies.

Key Skills and Qualifications:

Experience:

- Proven experience in IT auditing, with a strong understanding of application audits, data center audits, and IT governance.

- Experience with IT vendor audits and regulatory compliance.

Technical Skills:

- In-depth knowledge of security protocols, industry standards, and regulatory requirements.

- Proficiency in audit documentation, including risk assessment, working papers, and report writing.

Communication and Interpersonal Skills:

- Strong ability to communicate audit findings clearly and effectively.

- Skill in enforcing support processes and following up on audit issues.

Industry Knowledge:

- Up-to-date understanding of industry trends, emerging threats, and regulatory changes impacting IT security.

Educational Background:

- Bachelor's/Master's degree in Information Technology, Computer Science, Accounting, or a related field.

Advanced certifications (e., CISA, CISSP) are preferred