රැකියා අවස්ථා

Responsibilities 

• Develop and execute the annual IT audit plan based on a risk-based methodology.
• Lead and conduct IT audits across diverse domains, including IT operations, SDLC, database security, endpoint management, network security, access management, automation, application security, data centers, backup processes, IT governance, business continuity, cloud security and IT general controls.
• Prepare concise, well-documented IT audit reports with clear issue descriptions, risk impact, and actionable recommendations.
• Present audit findings and recommendations to the Board Audit Committee and other senior management committees.
• Conduct ISO 27001:2022 audits and assist in maintaining compliance and improving ISMS posture.
• Perform special reviews including security assessments, vulnerability scans, phishing simulations, and incident investigations.
• Evaluate new system implementations, post-implementation reviews, and due diligence of third-party service providers.
• Actively participate in Business Continuity Planning (BCP) and Disaster Recovery (DR) drills as an observer or reviewer.
• Support regulatory gap assessments related to the Technology Risk Management and Resilience Direction and the Data Protection Act.
• Ensure alignment with recognized frameworks such as CIS and NIST to address identified gaps and strengthen compliance.
• Manage the IS Audit team, mentor junior auditors, and ensure timely and effective execution of the audit plan.
• Follow up on audit findings and corrective actions, ensuring timely resolution and reporting.
• Engage in ad hoc reviews, investigations, and advisory assignments as required by the Chief Internal Auditor.

Qualifications

• A bachelor’s degree in Cybersecurity, Information Systems, Computer Science or a related field.
• Professional certifications such as CISA, CISM, CISSP, ISO 27001 LA/LI, or equivalent are highly desirable.
• Minimum 4–6 years of relevant experience in Information Systems Auditing, preferably within a financial or regulated institution.
• Hands-on experience in performing independent audits on systems like core banking, mobile applications, third-party integrations, and enterprise infrastructure.

LB Finance always welcome candidates having volunteering experience and CSR Mindset

If you are interested in becoming a part of our vibrant work environment, please submit your updated resume to [email protected] within 7 days of this advertisement. Kindly indicate the position you are applying for in the subject line.

apply now