IT Audit Manager

• Plan and Lead IT Audits
• Develop and execute a risk-based IT audit plan aligned with BancNet's strategic objectives, risk appetite, and regulatory expectations.
• Lead end-to-end audits: planning, scoping, fieldwork, testing, documentation, and reporting.
• Assess IT governance, risk management, and control processes across applications, infrastructure, and operations.
• Audit Critical Payments & Switching Systems
• Evaluate design and operating effectiveness of IT controls over:
• ATM and POS switching platforms
• EFT and interbank funds transfer systems
• Card management and authorization systems
• Settlement, clearing, and reconciliation systems
• Online and mobile channels, APIs, and integration layers
• Review end-to-end transaction processing, including interface controls, batch jobs, logs, and exception handling.
• Assess Infrastructure, Security, and Operations
• Perform audits over:
• Network architecture and security (firewalls, routers, VPNs, segmentation)
• Servers, operating systems, databases, and storage
• Identity and access management (IAM), privileged access, and SSO
• Change management, release management, and configuration management
• IT operations, monitoring, capacity management, and incident/problem management
• Assess the effectiveness of cybersecurity controls based on frameworks such as NIST CSF, ISO 27001, or equivalent.
• Regulatory, Compliance, and Standards
• Evaluate compliance with relevant Bangko Sentral ng Pilipinas (BSP) IT and cybersecurity regulations and circulars applicable to payment systems and financial institutions.
• Assess adherence to data privacy requirements and internal information security policies.
• Support management in preparing for regulatory examinations and external audits related to IT and cybersecurity.
• DataAnalytics & Continuous Auditing
• Use data analytics and automated scripts where feasible to test large transaction populations, exceptions, and control effectiveness.
• Contribute to building continuous auditing/monitoring routines for high-risk areas (e.g., access changes, privileged activities, system parameter changes).
• Issue Management & Stakeholder Engagement
• Clearly document findings, root causes, and impacts, and agree on practical, risk-based remediation plans with process and system owners.
• Present audit results to senior management and relevant governance committees in a concise, insightful manner.
• Track and validate remediation of IT audit issues and report status to Internal Audit leadership and stakeholders.
• Methodology, Quality, and Advisory
• Ensure all work complies with International Standards for the Professional Practice of Internal Auditing (IIA Standards) and Internal Audit methodology.
• Identify opportunities to enhance IT controls, process efficiency, and automation, providing advisory input while maintaining independence.
• Coach and review the work of junior auditors or co-sourced resources (if applicable), ensuring quality and consistency of audit execution.

Explore a career with a premiere financial services company.Enjoy market-aligned salaries and benefits.

• Bachelor's degree in Information Technology, Computer Science, Computer Engineering, Information Systems, or a related field.
• 7+ years of combined experience in IT audit, IT risk, information security, or technology controls, with:
• Substantial exposure to financial services, payments, banking, or fintech environments.
• At least 2-3 years in a senior, lead, or supervisory capacity.
• Strong experience auditing or working with:
• Core banking or payment systems
• Switching/EFT platforms, card systems, or similar high-availability transaction processing environments
• IT general controls (ITGCs), application controls, and automated controls

• Solid understanding of:
• IT general controls (access management, change management, operations)
• Application controls, interface controls, and report reliability
• Network and infrastructure security concepts (e.g., segmentation, IDS/IPS, DLP, logging and monitoring)
• Database security, backup and recovery, and system hardening
• Familiarity with frameworks and standards such as:
• COBIT, NIST, ISO 27001, ITIL, and relevant BSP regulations on IT risk and cybersecurity.
• Experience with one or more of the following is a strong plus:
• Audit or assessment of payment networks, card schemes, ATM/POS systems, or interbank clearing and settlement systems
• Use of data analytics and visualization tools for audit (e.g., ACL, IDEA, SQL, Power BI, or similar)
• Understanding of business continuity planning (BCP) and disaster recovery (DR) testing from an audit perspective.

• Strong analytical and critical thinking skills; able to connect technical issues to business and risk impact.
• Excellent report writing and communication skills, with the ability to convey technical findings to non-technical stakeholders.
• High level of integrity, independence, and professional skepticism.
• Ability to manage multiple audits and stakeholders in a fast-paced, regulated environment.
• Collaborative mindset with the confidence to challenge constructively and influence senior stakeholders.

• CISA (Certified Information Systems Auditor)
• CISM, CISSP, CRISC, or CIA
• Certifications in ISO 27001, ITIL, COBIT, or cloud platforms (e.g., AWS, Azure, GCP) are an advantage.

• Competitive salary
• Comprehensive allowances and benefits package
• A permanent position with potential for professional growth
• Office location in the heart of Makati

If you are ready to take the next step in your career as an IT Internal Audit Manage, we encourage you to apply today!