Head IT Audit at Pishon and Brooks Advisory Services

Pishon & Brooks Advisory Services Limited (PBAS) is a professional services firm that supports her clients by managing their end-to-end HR Processes in order to enhance their productivity and growth aspirations.

JOB OBJECTIVE(S)

• To provide independent assurance to management on IT General Controls.
• Ensure best assurance practice in the plan and execution of IS Audit Programs.
• Ensure enterprise wide compliance of business processes and operations to internal policies, procedures and documentations.
• Incorporation of standard practices, principles and processes into audit programs and execution.
• Review of risk related control issues and draft appriopriate remediation plans.
• Understand the business environment and develop relationships with audit client in providing value added solutions and best practices implementation.
• Ensures the effectiveness of IT governance, cybersecurity, system controls, data integrity, and regulatory compliance in line with financial services and fintech regulatory requirements.

DUTIES & RESPONSIBILITIES

• Audit Review of Database Management Systems, Enterprise Network security and Device configuration, Antivirus, Systems Patches and Log Management.
• Audit Review of Software Development Life Cycle, Project Management Implementation and Change Management Procedures.
• Develop and execute a risk-based IT audit strategy aligned with the company’s FinTech operating model and regulatory landscape.
• Audit Review of Data Encryption Processes, Key Encryption/ Key Management Lifecycle, and Operating Systems, physical and logical security of card holder environment.
• Audit Review of Active Directory, Operating Systems, Data Bases, Systems’ Logs, Soc, Transaction monitoring and backup & tape management.
• Ensure IT audit coverage aligns with financial services regulations, including data protection, cybersecurity, and technology risk requirements.
• Assess systems and general IT controls and provide practical and Value-added remediation plans.
• Prepare audit reports that summarize the most significant control weaknesses and resulting impact to the organization.
• Provide strategic advisory support on emerging technology risks, digital transformation initiatives, and new product launches.
• Participate in multiple and simultaneous risk assessment.
• Evaluate general IT controls (GITCs) including access management, change management, system development life cycle (SDLC), and IT operations.
• Contribute to internal departmental initiatives such as training, departmental development initiatives and other internal projects as requested.
• Effectively discuss audit issues and develop business focused controls recommendations to strengthen control lapses and weaknesses-based audit while maintaining departmental quality standards. Function as part of a team or work independently when requires.

REQUIREMENTS

• EDUCATION: University: Bachelor’s degree in Information Technology, Computer Science, or Related field.
• OTHERS: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or related professional certifications would be an added advantage.
• Experience: Minimum of 10 years’ experience in IT Auditing or a similar role. Understanding of the key technology and general controls around enterprise. Applications and information systems. Strong experience auditing cloud environments, digital platforms, cybersecurity, and third-party vendors.

KNOWLEDGE:

• Knowledge of Systems and General IT Controls.
• Analytical skills to access Operational and Compliance Requirements of Application systems and infrastructure.
• Strong Data Analysis and experience with Computer Assisted Auditing Techniques.

SKILL/COMPETENCIES:

• Deep understanding of fintech systems, digital payments, APIs, cloud infrastructure, and cybersecurity risks.
• Strong knowledge of IT control frameworks (e.g., COBIT, ISO 27001, NIST, NDPA).
• Excellent stakeholder management, communication, and presentation skills.
• High integrity, independence, and sound professional judgment.

Method of Application

Signup to view application details. Signup Now