|Date Posted:||Dec 4, 2019|
|Closing Date:||Dec 12, 2019|
|Work Type:||Full Time|
|Number of Vacancies:||1|
|Functional Area:||Computer Science,Information Technology|
|Salary Range:||As per company salary scaleAF|
|Years of Experience:||5 - 7 Years|
|Contract Duration:||Not specified|
|Probation Period:||3 months|
The First Microfinance Bank - Afghanistan.
Founded in 2004, The First Microfinance Bank - Afghanistan (FMFB-A) is part of the Aga Khan Agency for Microfinance (AKAM), which has programs in over 10 countries throughout the developing world. FMFB-A's vision is to be recognized as the leading microfinance services provider contributing to poverty alleviation and economic development through the provision of sustainable financial services primarily targeting micro/small businesses and households. The bank provides credit and deposit products to a wide range of clients including micro, small and medium enterprises along with commercial banking and international remittance services.
The bank is also a member of the Global Alliance for Banking on Values (GABV) - an independent network of banks using finance to deliver sustainable economic, social and environmental development. Our values-based banking agenda focuses on providing affordable financial services that promote entrepreneurship, agriculture, incremental housing and clean energy in Afghanistan.
With over 1,100 employees, FMFB-A operates in 14 provinces of Afghanistan through 39 branches. The number of FMFB-A clients across 14 provinces reaches about to 180,000 (men and women) both in rural and urban areas. The FMFB-A loan outstanding and savings values reach to over AFN 6.2 billion and AFN 2.5 billion, respectively.
Working under supervision of Chief Internal Auditor, provides guidance and supervision to the internal audit staff to ensure performance of audit missions as per annual audit plan. Ensures that audits are being performed adequately to address areas of concern and ensure performance of work being in conformity with prescribed policies and procedures by the bank and/or regulatory authorities or sound / best business practices where no policies exist. The position shall also be responsible to assist other Internal Auditors in consolidation and preparation of audit reports for reviews performed.
Duties & Responsibilities:
- To hold discussions with auditee to gain the understanding of the functions being performed and associated IT/IS systems and processes so that a focused audit scope could be developed.
- Review the IT/IS risk assessment developed by the team in line with audit scope to ensure that potential vulnerabilities and compensating controls have been identified based on associated risk factors to gain an understanding of the overall IT/IS control environment of the function being audited.
- Supervise and support the time in preparation of risk based audit plan and work program for the audit engagement/s.
- Ensure detailed planning of audit assignments, audit testing, and reporting in accordance with Information Security/IT Policies, standards, procedures, practices, and controls in line with Bank’s objectives, International standards, best practices and controls frameworks (ISO/IEC 27001:2013, COBIT, NIST 800:50, and ITIL).
- Ensures that audit assignments are focused on key risk areas including design, controls and security hardening of servers, network and security devices in line with organization standards, control frameworks and best practices (CIS, CoBIT, ISO27001, NIST 800:50, PA and PCI DSS).
- Control the full audit cycle including control design assessment, operating effectiveness, systems availability & security and compliance with all applicable directives and regulations.
- Reports significant findings to senior management on a timely basis that could adversely affect the Bank’s assets and/or reputation.
- Ensuring a follow up mechanism on deficiencies reported during past audits
- Continuous research and learning to gain industry wide knowledge and best market practices to build new audit techniques and makes recommendations for improvements to IA systems, reporting etc.
- Carry out special audits/reviews as may be directed.
- Contribute to professional development of the team by providing guidance regarding industry best practices related to IT and information security/cybersecurity.
- Stay up to date with best practices, laws, rules and regulations impacting financial institutions and ensuring that the changes are incorporated into the independent assessment process.
- Advise and instruct team leaders and team members regarding risk and compliance policies relevant to work area to ensure business is not exposed to undue risk.
- Oversee the operational workload of team to ensure that allocated staffs are fully utilized in order to achieve agreed program of work.
- Advise and instruct team members relating to risk and compliance policies relevant to work area to ensure business is not exposed to undue risk
- Display mutual respect within the team as well as with peers, associates and supervisor to deliver quality output.
- Any other task assigned to.
- Computer Science bachelor’s degree from an accredited college or university required and/or advanced degree in Management Information Systems or equivalent education qualified is preferred.
- CISA / CISM / CISSP certifications (If not, the candidate must be willing to become certified).
- A second certification/degree in a specialty field (e.g., IS, IT auditing, Fraud or fraud auditing, HR, Legal, Accounting, Microfinance or Banking). This may substitute for one year of required experience.
- Minimum 5 years working experience in related field. Previous experience in internal audit is desired. Experience in microfinance would be preferred.
- Proficient knowledge on computers, specially accounting/audit packages, MS Office.
- Knowledge of local banking, corporate and other regulations will be a plus.
- Strong critical thinking, analytical and communication (verbal and written) skills with ability to encourage discussions.
- Must be well organized and flexible and having the ability to maintain professional ethics, particularly for confidentiality and conduct responsibilities with professionalism.
- Must have excellent training, coaching and leadership skills.
- Ability to work under pressure and difficult conditions.
- Self-initiative and confident.
- Willingness to travel.