IT Audit Officer (Ayala Cebu) | Onsite

About the position

Work Setup: Onsite (Ayala Cebu) Schedule: 8:30AM - 5:30PM Minimum Job Requirements : Candidate must be a graduate of a four-year Bachelors Degree Course in Information Technology, Computer Engineering, Computer Science, Accounting Information Systems, or a related field. Minimum of 3 years of experience in IT audit, cybersecurity, or information systems assurance; banking industry experience preferred. Relevant certifications such as Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) are advantageous. Knowledge of IT audit principles, cybersecurity practices, and relevant regulatory frameworks. Understanding of network infrastructure, IT systems, applications, and infrastructure within the banking industry. Proficiency in audit software (e.g., ACL, IDEA) and data analytics tools (e.g., Power BI, Excel). Strong analytical thinking and problem-solving skills Excellent verbal and written communication. Ability to work independently and manage multiple priorities. Fraud audit Governance, risk, and control tools and techniques. Influence – ability to persuade Updated with industry and regulatory changes and professional standards Auditors Code of Ethics Has a high degree of integrity, honesty, and professionalism. Job Highlights: Audit Planning and Preparation: Participate in the development of the IT audit plan and strategies in alignment with the banks risk-based audit approach. Identify key areas of IT risk and assist in defining the scope, objectives, and methodologies for IT audit engagements. Gather and analyze relevant information on IT infrastructure, systems, and processes to support effective audit execution. Audit Execution: Conduct audits and reviews of IT controls, including but not limited to logical access, system development life cycle, change management, disaster recovery, and cybersecurity. Test and evaluate the adequacy and effectiveness of IT controls and security protocols. Review system configurations, logs, and audit trails to detect irregularities, risks, and policy violations. Assess compliance with IT-related regulatory requirements (e.g., BSP Circulars, Data Privacy Act, ISO/IEC 27001) Risk Assessment: Identify, analyze, and assess IT risks and vulnerabilities across critical systems and infrastructure. Evaluate the banks IT risk management practices and recommend improvements. Contribute to the prioritization of IT audit areas based on emerging threats and residual risks. Data Analysis and Evaluation: Utilize data analytics tools to extract, transform, and analyze large datasets for anomalies, patterns, and process inefficiencies. · Validate the integrity and reliability of IT-generated reports and data used in decision-making. Documentation and Reporting: Prepare clear and concise working papers and audit documentation in accordance with internal audit standards. IT Audit Officer: Draft IT audit findings, including root cause analysis, risk implications, and actionable recommendations. Present and communicate results to management and relevant stakeholders, and follow up on corrective actions. Compliance and Governance: Evaluate IT policies, procedures, and operations to ensure compliance with internal policies and external regulations. Provide support in internal or external regulatory examinations involving IT and information security. Promote strong IT governance practices in collaboration with IT and compliance units. Process Improvement: Recommend process improvements to enhance operational efficiency, control effectiveness, and security. Keep abreast of emerging technologies, industry trends, cyber threats, and changes in the regulatory landscape. Contribute to the enhancement of IT audit programs, tools, and techniques.

Place of work