Information Systems Auditor at d.light

Key Responsibilities

Technology Risk & Control Assurance


Evaluate technology risks associated with strategic business initiatives and propose suitable mitigation strategies.
Execute risk-based audits encompassing: Application controls,Information security controls,Change management processes,Incident management processes,IT operations and service quality,Data protection standards and Logging and monitoring mechanisms
Conduct audits of transaction systems to assess the sufficiency of both automated and manual controls.


Audit Planning & Execution


Contribute to the development and delivery of the annual Technology audit coverage.
Ensure audit objectives, scope, procedures, and results are properly documented in alignment with internal audit methodology and technology strategy.
Maintain high-quality audit working papers in accordance with internal policies and professional audit standards.


Reporting and Stakeholder Engagement


Engage in constructive discourse with key stakeholders and management regarding audit observations.
Formulate comprehensive, risk-rated audit reports delineating control deficiencies, underlying causes, systemic thematic issues, and identification of emerging trends.
Monitor the timely remediation of identified audit findings and proactively collaborate with stakeholders to ensure adherence to agreed-upon deadlines, thereby preventing overdue corrective actions.
Offer strategic insights about industry best practices and the evolving landscape of technology risks.


Continuous Risk Assessment & Advisory


Execute ongoing information systems risk assessments.
Serve as a subject matter expert concerning information system controls and prospective technologies.
Build trusted professional relationships across the Technology, Risk, and Internal Control functions while upholding the independence of the auditing role.
Provide control design input to support strategic initiatives without compromising objectivity.


Desired Skills and Experience


Education: A Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or a closely related discipline is required.
Professional Certification: Certification is essential. The Certified Information Systems Auditor (CISA) is highly preferred. Additional certifications such as CISSP, CRISC, COBIT, or CIA are a distinct advantage.
Experience: 1 - 2 years of experience in IT Audit, IT Risk, or Technology Assurance is required. Experience auditing ERP, CRM, or multi-tenant platforms is considered a strong advantage.