Information Technology Audit Officer

ARE YOU AN EXPERT AT AUDITING I.T INFRASTRUCTURE? THEN THIS COULD BE YOUR NEXT CAREER MOVE!

Information Technology Audit Officer 

Overview: Our client is one of the longest established Financial Services organisations in Barbados. Due to on-going I.T Infrastructure investment, they are seeking a proven proffesional to join the technology team.

 Duties & Resposibilities:

• Perform and assist in the performance of IT audits in accordance with professional auditing standards.
• Examine, review and assess the organization’s policies and procedures to ensure conformity to financial and statutory standards and make recommendations for improvement where applicable.

• Assess and evaluate risk, address audit issues and to proactively execute compliance monitoring in collaboration with senior management as well as that of the business units.

• Assist in the planning, co-ordination and implementation of the annual audit plan.

• Direct and lead teams in the planning, execution and reporting in relation to information technology audit projects.

• Develop and conduct efficient and effective IT audit procedures.

• Examine and evaluate the design and operational effectiveness of the systems IT controls.

• Regular audit testing and provide recommendations where needed.

• Perform reviews of and test general and application controls.

• Determine and assess the systems exposure to risk as well as develop remediation strategies to mitigate such exposure.

• Monitor and advise management on all possible security and network breaches.

• Provide recommendations and guidance on identified security and control risks.

• Highlight and discuss risk trends and their potential impact on the organisagtion.

• Advise management of strategies relating to the planning, implementation, monitoring and upgrade to security measures for the protection of the organisations’s data, systems and networks.

• Monitor and report on the institution’s change management processes

• Test and identify network and systems vulnerabilities and advise on the creation of counteractive strategies to protect the infrastructure.

• Communicate complex technical issues to management and staff in simplified terms 

• Coordinate and conduct data privacy audits. 

Desired Education & Experience:

• A Bachelor’s Degree in ICyber Security, Computer Science or related fiield with a minimum of five (5) years experience in an information  security or related enviornment

• Certifications from a related cybersecurity professional body such as CISM, CISA,CISSP, experence in the deployment and maintenance of security infrastructure.

• Strong understanding and knowledge of camputers, computer networks and security systems.

• Strong analytical, critical thinking, and problem-solving skills.

• Proficiency with Windows OS.

• Knowledge of network and web related protocols (eg, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).

• An understanding of Firewalls, Intrusion Protection Systems and Intrusion Detection Systems, VPN, Data Loss Prevention, Web-proxy and Security Audits.

• Knowledge of Penetration Testing methodologies and technologies.

• Ability to assess business risks and impact and enforce appropriate information security measures.

• Proven ability to conduct training.

• Strong oral and written communication skills.

• Knowledge of Internal Auditing requirements. 

• Proficient in use of computer applications in particular Microsoft Office Suite.

• Effective project management skills.

• Ability to act as team leader on projects that requires the inclusion of additional team members.