About the role:
As our next star as IT Audit Lead, you will get chance to help Amartha on implementing IT Internal Audit
activities and demonstrate your keen ability to identify root cause of problem. You will work alongside the
other internal audit team, risk division, and monitoring Amartha's operational activities to deliver
improvement of business process quality of Amartha.
Responsibilities:
- Ensuring IT audit plan is executed properly and sufficient audit evidence and/or documentation is
obtained to support audit findings.
- Collect and analyze data to detect anomaly transaction, deficient controls, duplicated effort,
extravagance, fraud, or non-compliance with laws, regulations, and management policies.
- Implement systems and procedures related to IT audit process.
- Demonstrate the ability to identify root cause of audit process.
- Prepare audit working papers in complete, systematic, and timely manner and ensure those are
documented in accordance with professional standard.
- Prepare detailed IT audit report.
- Providing insightful recommendations to minimize or eliminate risks to shareholders.
- Monitor open issues and ensure implementations of recommend internal control measures.
- Conduct advisory services process improvement to business cluster and produce its report.
- Maintain good relations with the Auditee and third counterparts during the implementation of internal
audit assignment.
**Requirements**:
- Technology and Business degree fields from a reputable University, such as Information Technology,
Information Systems, or Computer Science.
- Have a minimum of above 6 years of experience in auditing IT controls, including IT General Controls, IT
Application Controls, and Security Controls in similar industries.
- Have experience in Internal Control over Information Security Management System (ISMS): ISO 27001
review, Cyber Security, and IT regulatory compliance review.
- Strong technical background with deep knowledge in Information Technology review and Information
Security review, and having relevant certification is an advantage: CISA, CRISC, or ISO27001
implementor/ lead auditor.
- Understand most IT governance frameworks and risk assessment frameworks such as COBIT, ITIL,
TOGAF and ISO 31000.
- Have a good knowledge in internal auditing, risk management and business continuity.
- Ability to work with multiple projects, proactive and high initiative.
- High Integrity, quick learner, agile, honest attitude, excellent team work, good attitude, and detail
oriented.
- Strong analytical thinking, root cause analysis, and problem solving.
- Have a good project management skill in developing system.
- Good communication skill written & verbal.