IT Internal Audit Specialist
PT Bukalapak.com, Indonesia

Job Description

• Responsible for carrying out full audit cycle and risk management relating to Cybersecurity, Information security, Identity access management, IT systems development projects and other IT risks
• Ensuring SOPs, good corporate governance, best practices, and the rules in the company are applied in the business processes that run in Bukalapak

• Assist with Internal Audit operational tasks such as management of audit status, issue status, audit file preparation and implementation

• Evaluate audit results and coordinate with management to develop appropriate action plans to address identified findings, weaknesses, and areas of concern noted during the performance of the audits

• Work in partnership with other related departments/functions to manage audit findings that need to be followed up.6. Prepare accurate, logical, and concise audit reports based on applicable standards and regulations

• Responsible for following issues that are developing in the industry that have an impact on internal and corporate audits

• Responsible for carrying out other work activities according to Bukalapak's needs.

Requirements

• Around 4 years of experience as an IT Auditor
• Strong understanding of IT processes and technology, with demonstrated proficiency to perform audits and control reviews in one or more of the following areas is required:

- IT General Control
- Application Control
- Enterprise Application such as Oracle/SAP
- IT Compliance

• Advanced knowledge of IT practices, system development, IT operations, networks, database management, security (cyber risk), data privacy, and IT risk assessment in agile environment
• Knowledge of external leading risk, controls, and governance frameworks such as COBIT, NIST, ISO27000, and ITSM
• Network of professionals from IT Audit field from various industries whom he/she can exchange and update knowledge to
• Able to provide advisory related to risk and control design as well as giving insight in accordance with business objectives
• Knowledge in IT Compliance towards regulation in E-Commerce and Fintech Industry (PBI, POJK, UU, etc)
• CISA (Certified Information System Auditor) certification holder is preferred
• Proficient in conducting reviews of highly technical areas including current/emerging technologies and key layers of IT such as networks, databases, cloud services and applications, data and cyber security, operating systems, firewalls, third party risk, etc.

Job Rewards and Benefits