Qualifications, Experience & Competencies Required

• A Bachelor’s degree in Information Systems Technology, Computer Science, or Engineering, or equivalent experience required
  

• Possesses or part qualified in one or more of the following certifications: Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or other related certification.
  

• At least two years’ experience in IT Audits , IT Risk management or Banking Operations.
  

• Conducting Information System risk assessments for new and existing systems, applications, and programs to ensure compliance with the bank’s security policies, regulatory requirements and adherence to best practices to identify weaknesses or security exposures and prescribe solutions to mitigate the risks related to those weaknesses and exposures.
  

• Performing periodic and surprise security assessments of areas such as operating systems, database management systems, firewalls, intrusion detection systems, and web-based applications.
  

• Identifying and evaluating business technology risks and internal controls which mitigate risks, and related opportunities for internal control improvement and propose risk treatment plans.
  

• Providing guidance over the general activities and concerns of the organization’s Information Technology function including governance, policy, control design, general operational effectiveness, and internal controls.
  

• Liaising and coordinating with respective Risk champions, review IT risk and control self-assessments