IT Auditor - CIA/CISA

1. Provides professional audit work, individually or as a team leader, in conducting reviews of assigned organizational activities in accordance with Standards for the Professional Practice of Internal Audit, and department standards.

2. Plans and executes corporate information technology (IT) audit projects designed to provide assessment of internal control processes and operational performance, in accordance with department and professional standards.

3. Demonstrate and apply a thorough understanding of complex information systems. Prepares and reviews audit work papers and reports documenting the result of reviews of assigned activities and recommended management action.

4. Use knowledge of the current IT environment and industry IT trends to identify potential issues and risks.

5. Prepares detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program. Recommends the necessary staff and budget to complete the project.

6. Prepares under minimal supervision audit reports designed to provide operating and Corporate management and the Audit Committee of the Board of Directors with an objective assessment of systems, processes and operations, and management's planned corrective actions.

7. Participates in reviews of internal controls and security of systems under development as well as major IT projects and initiatives.

8. Assists in the development and execution of a comprehensive audit plan based upon risk assessment, management's goals and objectives, and the requirements of the Board Audit Committee. Identifies potential audit areas, assists with assessing the degree of inherent risk, and estimating the time and skills required to complete audit projects.

Qualification and Experience Requirement

Education :

- Certification as a Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) and/or specific to the information technology industry such as a Certified Network Engineer, Certified Security Professional, or other certification for which Internal Audit has a need.

Experience :

- A minimum of four years operational IT audit experience in an environment that provides exposure to sophisticated information systems audit techniques, network security, technology infrastructure, software development, project management, or a related field for which Internal Audit has a need.

- Understanding of concepts related to information systems audit, including security and control risks such as logical and physical access security, change management, information security, business recovery practices and network technology.

- Strong analytical ability, including network and network systems design, capacity planning, operations methodology, error detection/resolution techniques, quality assurance techniques, and IT implementation and management methodologies.

- Knowledge of Control Objectives for Information and Related Technology, Accepted Auditing Standards, Standards for the Professional Practice of Internal Auditing.

Asia Regional Office

Skills:

- Proficient in MS Office applications which include Outlook, Word, Excel, PowerPoint, Access, and Visio

- Demonstrated critical thinking and analytical skills

- Demonstrated ability to work independently while contributing to the success of the team

- Exceptional oral and written communication skills suitable for all levels of management. Ability to negotiate an