Senior IT Analyst (IT Controls)

ERNI is a fast-growing Software Development company headquartered and founded in Switzerland in 1994, with more than 800 employees. We are highly specialized in IT & software engineering to enable and deliver innovation in process and technology. Our first service center in Asia Pacific is in Metro Manila (Mandaluyong) from where we provide our service to Europe, APAC incl. our local market Philippines, and USA regions. We are now geared towards expansion and are looking for highly motivated joiners.

WHY ERNI is the best place to call HOME? 🏡

🤩 At ERNI, this is how we can support you; ALL company PERKS AND BENEFITS take effect UPON HIRING!

• Contract: there is always a project and opportunity for you.
• Personal Development and Travel Opportunities outside the Philippines.
• Wedding Gift – to celebrate your special day.
• Baby Basket – to welcome your newborn to the ERNI family.
• Fruit Basket – boost of vitamins during hospitalization.
• Free snacks and coffee in the office

🔐 UNLOCKING NEW DOORS OF GROWTH & OPPORTUNITIES

• Free Training with Certifications: Grow with us through technical and non-technical training.

• Challenging Projects: ERNI is dedicated to developing high-quality software in complex technical environments such as MedTech, Industry, Finance, and Transportation. Have the chance to participate in various technically challenging projects amongst passionate and skilled colleagues.

• Employee Welfare: You will be guided by a group of people who will guide and support you to have the right tools and mindset.

• Promotions & Recognition: From the very first day, we offer you a way to learn and develop yourself in our company. Your colleagues and superiors consistently recognize and appreciate all efforts, making you feel satisfied with your achievements.

• Communication: You will find transparency, honesty, and open communication in our working culture. we value suggestions, opinions, and feedback from all employees.

⏱ FLEXIBILITY

• Hybrid Set-Up: We are combining both remote work and in-person work. The hybrid setup will allow you to reduce commuting time and have a more flexible work schedule. This will help you to manage better your work-life balance.

🎉 EVENTS:

• We provide many opportunities to connect and build relationships. We are learning, growing, and celebrating achievements together. You will experience a wide range of different exciting activities. What to expect? Leisure Events, Summer Events, Family Events, Social Events, and Year-End Events.

👋 What are our wishes?

• In close coordination with IT Assurance Team, the Sr. IT Controls Analyst will perform the following:

Perform IT audit coordination activities:

• Assist in gathering and providing required evidence in a timely manner as part of various IT assurance reviews, including internal and external audits
• Review audit reports and provide recommendations on action items needed to address audit gaps in coordination with relevant teams
• Monitor status of actions plans across various ITD teams, ensuring that gaps are addressed timely and sufficient evidence is obtained to close the gap
• Create and maintain monthly dashboards to provide risk and audit data

Support IT control assessments:

• Oversee planning, execution and reporting of IT controls testing initiatives
• Assist in planning, implementation, coordination of ISO 27001, SWIFT CSP and related information security activities
• Monitor quality and timeliness of deliverables submitted by service provider. Review the working papers prepared by service provider to ensure accuracy, appropriateness and completeness of procedures performed and evidence obtained
• Recommend improvements to enhance maturity of IT control environment and mitigate recurrence of control gaps

Support IT Policy Development and Maintenance:

• Maintain central repository for ITD policies, processes, and standards
• Facilitate periodic review of ITD policies, processes, and standards for required updates
• Develop and/or update comprehensive ITD policies, processes and standards that align with industry good practices and frameworks, and in coordination with relevant stakeholders
• Provide recommendations for streamlining existing documentation or creation of new policies/processes based on changes to the IT environment

Manage and maintain ITD’s GRC Tool:

• Assist in identifying user requirements and functionalities to enhance GRC tool
• Participate in testing and deployment of new functionalities or upgrades
• Configure and/or update GRC dashboards for management reporting
• Address GRC tool issues identified or reported by users

How can you contribute to the team?

Education and Work Experience 

• Bachelor’s degree, preferably in Business Administration/Management, Accounting, Computer Science, Information Technology or Engineering
• Minimum of 5 years relevant work experience in IT audits, application development controls review and IT policy development
• Experience working in audit firm either locally or abroad
• Good understanding of IT audit principles, standards and procedures
• Broad range of knowledge of information technology as applied in an enterprise environment Technical Knowledge
• Knowledgeable on frameworks such as Sarbanes-Oxley, COSO, COBIT, NIST, PMBOK, ISO 27001, SWIFT CSCF
• Experience in GRC tool implementation and/or administration

Certification (if applicable)

• CISA, CISM, CISSP, ISO 27001 certification preferred Reporting and Coordination
• The Sr. IT Controls Analyst will report to the IT Officer (IT Assurance) in the Cybersecurity and Compliance Unit (ITOD-CS) of the IT Department (ITD).
• For the provision of staff augmentation services, the Agency Personnel will take instructions from the Manager at the Information Technology Department and work closely with the project team, internal and external stakeholders.
• The Agency Personnel will provide any other services as required by the team and ITD supervisor or user unit.