Yana Banking Services

Information System Internal Auditor

Job Overview

Position Purpose 
The Information Systems Internal Auditor is responsible for evaluating the effectiveness, efficiency, and security of an organization’s information systems, technology processes, and controls. This role involves conducting audits, risk assessments, and compliance reviews to ensure the protection of data, integrity of systems, and adherence to relevant regulations.

Key Responsibilities and Accountabilities:

  • Collaborate with the audit team to develop a risk-based IT audit plan, including defining audit objectives, scope, and timelines.
  • Stay informed about emerging technology risks and industry best practices
  • Conduct IT audits to assess the adequacy of IT controls, security measures, and compliance with policies and standards.
  • Evaluate the design and effectiveness of information systems, data processing, and technology infrastructure.
  • Assess the organization’s cybersecurity posture, including vulnerability assessments and penetration testing.
  • Identify security weaknesses and recommend improvements.
  • Ensure compliance with data protection laws and industry-specific regulations.
  • Evaluate data handling practices, data access controls, and data encryption.
  • Identify and assess IT-related risks and control weaknesses.
  • Provide recommendations to mitigate identified risks and improve control effectiveness.
  • Assess the organization’s incident response plan and disaster recovery procedures.
  • Test and evaluate the organization’s ability to recover from IT-related incidents.
  • Maintain comprehensive and organized audit documentation, including workpapers, findings, and recommendations.
  • Prepare audit reports summarizing findings, recommendations, and action plans.
  • Communicate audit results to management and relevant stakeholders.
  • Provide practical recommendations for enhancing information systems security and technology controls.
  • Collaborate with IT teams to implement recommended changes.
  • Monitor and verify the implementation of audit recommendations and assess their effectiveness in mitigating risks.Job Requirements and QualificationsEducation:
  • Bachelor’s degree in Information Technology, Computer Science, or a related field (relevant certifications such as Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) may be preferred).
  • 3-5 years of Proven experience in IT auditing, information security, or related roles.


  • Strong understanding of IT systems, security, and risk management.
  • Proficiency in audit methodologies, IT tools, and data analysis.
  • Excellent analytical, communication, and problem-solving skills.
  • Attention to detail and ability to work independently and within a team.
  • Ethical behavior and a commitment to maintaining confidentiality.
  • Effective time management and multitasking abilities.
  • Excellent communication skills, both verbal and written.
  • Adaptability in a fast-paced environment.
  • Training and development experience.
  • Industry knowledge related to the organization’s products or services.
  • Fluent in English, Arabic and/or Kurdish.


  • Good computer skills
  • Able to collate and interpret data from various sources.


  • Self-Discipline.
  • Problem-Solving Skills
  • Attention to Detail.
  • Great Communication Skills (verbal clarity, good writing skills)
  • Ability to prioritize workload.

More Information

Apply for this job