Information System Control Officer at Polaris Bank Limited

Who are we looking for:

We are looking for an Information System Control Officer with a proven track record in designing, developing, and implementing IT control reviews and procedures regarding the organization’s process, systems, accounting structures, projects and change management process.

Job Description

• To plan, organize and carry out the information system controls function including the preparation of an audit manual and audit plan.
• Evaluate information in compliance with existing policies and procedures, identifying and proposing modifications as needed.
• Conduct periodic reviews of the effectiveness of the internal control system to ensure the integrity of the system, improve them and propose value-added recommendations.
• Collaborate with business and process owners to implement and monitor remedial actions that result from IT control audits, and drive the effective implementation of corrective actions.
• Deliver adequate and timely action plans and monitor progress to address and resolve identified IT control deficiencies, change management process and experience in User Acceptance testing.
• Develop, execute, and monitor adequate internal control over IT in line with best accounting practices, ISO standards, PCI DSS and identifying appropriate risk and mitigation strategies.
• Monitor and ensure all system user accounts/privileges are approved with proper system access parameters in line with their respective level of information access for their job functions.
• Work with stakeholders to ensure that controls are fully embedded in the design of IT processes, project and systems.

Preferred skills and experience/Requirements  

• Bachelor’s Degree in computer Science, Information technology, Accounting, or other related fields of study.
• Experience in Internal Control, IT control and IT Audit, information technologies, security risk and Control assessment with Minimum of 2 years’ experience.
• CISA, CRISC, CISSP and or ICAN certification will be an added advantage.
• A good Understanding of International standards such as ISO27001, ISO 22301 and PCIDSS.
• Ability to perform control reviews on a wide range of application, system development operations and security procedures and according to international standard, OWASP and best practices
• Risk Assessment, IT security and infrastructure knowledge, technology auditing skills, Analytical skills, SQL, Excellent Communication skills and perfect command of the English language.
• Ability to evaluate emerging technologies and identify their potential impact within the existing environment.