Information System Audit Specialist

JOB SUMMARY:

Responsible in the execution of internal audit plan producing reports and recommendations for the management and Audit
Committee. The position is also in charge of the effective administration of any additional projects/activities (e.g. fraud audits, risk assessments, SOD and system review, among others) that the Audit Manager will assign.

KEY FUNCTIONS/DUTIES AND RESPONSIBILITIES:

INTERNAL AUDIT:

• Independently carry out engagements in accordance with the Internal Audit Information Systems
• Annual Audit Plan and known information systems (IS) standards, IS assets with focus on governance,
• security and business objectives alignment.
• Evaluate existing internal control systems and identify areas of improvement with a focus on
• information technology, systems and control.
• Support the development of risk based annual IS audit plan based on comprehensive planning and risk
• assessments.
• Prepare audit reports supported by evidence-based working papers to ensure adequate documentation.
• Monitor the implementation of audit remediation and recommendations.
• Conduct follow-up audits to monitor interventions from management.
• Keep up to date with technical developments for the business area.

Others:

Perform any other tasks as requested by the Internal Audit Manager - IS and/or Head of Internal Audit.

TECHNICAL COMPETENCIES AND SKILLS:

• Minimum 5 years of experience in information systems auditing or related field; Understands auditing principles standards
  (e.g.COBIT) and methodologies;
• Knowledge and experience in the following areas: IT governance frameworks such as COBIT, ITIL, ISO/IEC 38500, IT
  infrastructure, applications and databases, Enterprise risk management (ERM) as it pertains to IT, Erp systems, IT-related
  risks including cybersecurity, data integrity, and business continuity.
• Understands software development lifecycle (SDLC) processes, change management controls and their impact on system
  integrity. Information security, network architecture and security
• Strong understanding of auditing principles standards (e.g., ISACA, COBIT) and methodologies.
• Proficiency in planning, executing, and reporting on audits of IT systems, networks, and processes.
• Familiarity with risk-based audit approaches.
• Familiarity with IT infrastructure components including servers, databases, networks, and cloud platforms, and operational
  controls.
• Knowledge of incident response and crisis management procedures, business continuity plans and disaster recovery plans.
• Proficiency in using data analysis tools (e.g., Excel, Power BI) for audit purposes.

EDUCATION, TRAININGS, LICENSES REQUIRED:

• Bachelors degree in Accounting or Finance (with strong IT audit components); Computer Science, Information Technology
  or other related field.
• CISA (Certified Information Systems Auditor), Certified Information Systems Security Professional (CISSP), or ISO 27001 Lead. Audit certification is preferred
• CIA or CPA (with IT audit specialization)