ICT Auditor / Senior ICT Auditor

We are seeking a motivated and detail-oriented ICT Auditor to join our Internal Audit team. The successful candidate will play a key role in evaluating the effectiveness of IT applications, controls, and processes, with a primary focus on applications audit, general IT controls (GITCs), and application-level controls (ITACs).

This position offers exposure to a wide range of technologies and business processes, providing an excellent opportunity for professional growth in IT audit and risk assurance.

Job Duties:

• Conduct application audits across key business systems to assess data integrity, security, and compliance with organizational and regulatory standards.
• Evaluate and test General IT Controls (GITCs), including access management, change management, backup & recovery, and system operations.
• Assess Application Controls (ACLs) within critical business applications (e.g., Core Banking System ERP, HR, financial and other satellite applications).
• Collaborate with business and IT stakeholders to identify risks and recommend practical control improvements.
• To ensure quality and consistency of audit reports and findings
• Support integrated audit assignments by providing ICT-related assurance alongside financial or operational auditors.
• To communicate audit findings and recommendations to senior management.
• To cope with any emerging data analytics trends and industry best practices.

Job Qualifications & Skills

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or a related field.
• 3+ years of experience in IT audit, information security, or risk management.
• Basic understanding of IT governance, cybersecurity, and audit principles.
• Familiarity with frameworks such as COBIT, ISO 27001, or NIST is a plus.
• Strong analytical and communication skills.
• Hands-on experience auditing business applications (e.g., Oracle, Microsoft Dynamics, custom-built systems).
• Solid understanding of IT General Controls and Application Controls.
• Professional certification such as CISA, CIA, or CRISC is preferred.