Technology Audit Manager

As our next star as IT (Technology) Audit Manager (Lead), you will get the chance to help Amartha implement IT Internal Audit activities and demonstrate your keen ability to identify the root cause of problems. You will work alongside the internal audit team, risk division, and monitor Amartha’s operational activities to improve the business process quality of Amartha.

Responsibilities:

• Ensuring the IT audit plan is executed properly and sufficient audit evidence and/or documentation is obtained to support audit findings.
• Collect and analyze data to detect anomalous transactions, deficient controls, duplicated efforts, extravagance, fraud, or non-compliance with laws, regulations, and management policies.
• Implement systems and procedures related to the IT audit process.
• Demonstrate the ability to identify the root cause of audit processes.
• Prepare audit working papers in a complete, systematic, and timely manner, ensuring they are documented in accordance with professional standards.
• Prepare detailed IT audit reports.
• Provide insightful recommendations to minimize or eliminate risks to shareholders.
• Monitor open issues and ensure the implementation of recommended internal control measures.
• Conduct advisory services for process improvement to business clusters and produce reports.
• Maintain good relations with the Auditee and third counterparts during the implementation of internal audit assignments.

Minimum Requirements:

• Technology and Business degree fields from a reputable university, such as Information Technology, Information Systems, or Computer Science.
• A minimum of 7 years of experience in auditing IT controls, including IT General Controls, IT Application Controls, and Security Controls in similar industries.
• Experience in Internal Control over Information Security Management System (ISMS): ISO 27001 review, Cyber Security, and IT regulatory compliance review.
• Strong technical background with deep knowledge in Information Technology review and Information Security review; relevant certifications such as CISA and CRISC are an advantage.
• Understanding of most IT governance frameworks and risk assessment frameworks such as COBIT, ITIL, TOGAF, and ISO 31000.
• Good knowledge in internal auditing, risk management, and business continuity.
• Ability to work on multiple projects, proactive with high initiative.
• High integrity, quick learner, agile, honest attitude, excellent teamwork, good attitude, and detail-oriented.
• Strong analytical thinking, root cause analysis, and problem-solving skills.
• Good project management skills in developing systems.
• Good written and verbal communication skills.