Global Information Systems Auditor
FINCA Impact Finance , Pakistan

A CAREER ADVANCING FINANCIAL INCLUSION:

ABOUT FINCA IMPACT FINANCE

FINCA Impact Finance (FIF) believes in the power ofInclusive Finance.

FINCA Impact Finance is a global leader of responsible financial services. We are comprised of 17 full-service banks and microfinance institutions and a holding/shared service company and we serve more than 2.8 million customers with an array fintech and traditional products and services. We are a double bottom line company that delivers positive social impact and financial sustainability.

We are 9,000 dedicated colleagues who are passionate that financial services can have a positive impact. Most of us living in the communities we serve, and all of us guided by our values of warmth, trust, and responsible banking.

We welcome candidates with diverse backgrounds and considers people at all career stages. We seek individuals with whom we can build strong and lasting relationships - people who care about, and have respect for, customers. We look for colleagues who approach their work with joy, innovation, energy, and a sense of service beyond self.

Thank you for applying.

Role Purpose

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Information Systems (IS) Auditor helps organizations by analyzing and assessing a company's technological infrastructure to ensure processes and systems run accurately and efficiently, while remaining secure and meeting compliance regulations.

We are looking to hire an IS Auditor with an analytical mind and expertise in IT systems, applications and infrastructure. IS Auditor is expected to have outstanding problem-solving skills, meticulous attention to detail, excellent understanding of technology and cybersecurity and the ability to work independently.

IS Auditor is responsible for planning, coordinating, conducting, and reporting on IT audits of networks, applications, security, systems development and processes. He/she must collect and evaluate data on the organization's systems, practices, and operations, as well as conduct fieldwork, evaluate the IT controls' design and operational effectiveness, and identify problems for solutions.

Accountabilities

• Develop, implement, test and evaluate IT audit review procedures;
• Examine IT controls, evaluate the design and operational effectiveness, determine exposure to risk and develop remediation strategies;
• Participate in the development of the annual IT audit plan
• Perform IT audit reviews using the established auditing standards;
• Develop IT Audit programs for each assignment;
• Conduct efficient and effective IT audit procedures;
• Provide recommendations and guidance on identified security and IT risks;
• Communicate complex technical issues in simplified terms to the relevant staff;
• Develop a strong understanding of business processes;
• Prepare audit report and working papers to ensure that adequate documentation exists to support the completed audit and conclusions;
• Prepare and presents written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to management;
• Follow up on audit findings to ensure that management has taken corrective actions;
• Providing consulting services and assistance in technology-related projects and in the IT risk management process;
• Coordinate and interact with external IT auditors and regulators;
• Keeps knowledge up to date with respect to relevant modern IT audit, IT risk management, IT controls, technology, cybersecurity and IT systems;

Qualifications

• Master's degree in Computer Science, Information Technology, Information Systems or related field;
• Certified Information Systems Auditor (CISA) highly desired;
• Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Security Specialist (CISSP), Certified ISO/IEC 27001 Lead Auditor, internal auditing or forensic certification a plus;

Experience

• 5 years of full-time experience as an IS/IT auditor;
• IS audit experience in micro credit industry, financial services, commercial banks, audit company or central banks is a plus;
• Multicultural and remote audit experience is a plus;

Knowledge and Skills

• Extensive knowledge of and skill in applying ISACA IT Audit and Assurance Standards, Guidelines and Tools and Techniques, Code of Professional Ethics and other applicable standards;
• Knowledge of and skill in applying following international standards and frameworks: COBIT, ISO 27001, NIST Cybersecurity Framework, ITIL, OWASP Top 10, CIS Critical Security Controls;
• Knowledge of current technological developments/trends;
• Understanding of Banking Systems, IT Infrastructures, Network, Database, Cloud (AWS, Azure), Office 365, Endpoint Security, Active Directory, Firewalls, VPN, Data Loss Prevention, IDS/IPS, SIEM and Web-Proxy;
• Ability to independently conduct IT audits of IT infrastructure, network, various business applications, databases, IT operations, IT projects, key IT processes, and security procedures and standards;
• Ability to review system backup, disaster recovery and maintenance procedures;
• Ability to gather data, compile information, and prepare reports;
• Basic knowledge of project management, software development methodologies, programming and SDLC;
• Knowledge of risk management and control techniques;
• Considerable skill in effective verbal and written communications, including active listening skills, negotiation skills and the skill of presenting issues at the root cause level and recommendations for improvement. Ability to establish and maintain harmonious working relationships with co-workers, staff, management and external contacts, and work effectively in a professional team environment;
• Problem identification and solution skills by core, conceptual and analytical thinking;

Language Skills

• Fluency in English is required;
• Fluency in other FINCA working languages, such as Spanish, French, or Russian is a plus.

Travel requirements

Ability to travel up to 30% of the time.
It is desirable to have either dual citizenship of Pakistan and USA or to hold current visa US visa due to extensive travelling.

Job Rewards and Benefits