Participate in the audit team assignments and special reviews (when required by regulators, business lines, or senior management)
Contribute to the planning and preparation of the assignment understanding the methodology to be applied, acquiring a deep knowledge of the activities to be covered, understanding the detailed technologies, gathering relevant key figures, etc.
Develop a thorough understanding of the activities within the scope of the assignment, its strategy andernance, and the related risks.
Evaluate the overall setup and identify the main areas of risk (including aprehensive assessment of the management actions).
Execute detailed investigations leveraging on a strong technical knowledge in various IT systems (Databases, Operating systems Linux / Windows, Cybersecurity / Network security, Virtualization, containerization, Cloudputing and related risks)
Leverage on adequate programming languages and scripting to perform efficient investigations by automating analysis.
Ensure the adequate learning and understanding of the standard IT solutions used in the IT infrastructure and production, Cybersecurity management in order to analyze adequately their configuration and be able to identify and raise potential risks.
Rmend appropriate actions to the management in order to remediate the identified weaknesses.
Formalize the results of the assignment investigations and contribute to the production of the assignment deliverables.
Present the conclusions of the assignment fieldwork to the senior management.
Review the implementation of the Inspection Générale rmendations
Review and challenge the actions defined to remediate the weaknesses identified by the audit team through its assignments.
Ensure the adequacy of the answers to address permanently the gaps following accurately the rmended actions.
Perform relevant control testing to ensure the proper implementation of the actions.
Contribute to the periodic risk assessment of IT activities and planning
Perform a periodic andprehensive risk assessment of the IT activities as per the Group guidelines.
Keep abreast of change / new development of regulatory requirements that are relevant to IT activities and related functions.
Assist in the elaboration of the IT audit planning following a risk-based approach.
Requirements
Bachelor’s / Master’s Degree in Information Technology / Management Information System / puter Science and related discipline
Professional Qualification / Certificate in Audit, CISA, CISSP, CISM, CCSP is a plus
Strong expertise in Cybersecurity. (IT security hands-on experience is a plus)
Strong technical background in IT activities. (including IT production / IT systems expertise)
Excellent writing and presentation skills
High level of initiative,mitment, and drive
Ability to work effectively under pressure and within short deadlines.