Description

Position Purpose:

Under the supervision of the Director, Internal Audit Department (DIA), the incumbent is responsible for executing risk-based internal audits—including business analysis and IT audits—in line with the department’s approved annual Work Program. The role also involves conducting advisory assignments and providing recommendations to the Director, DIA on bank-wide matters to enhance risk management, control, and governance processes, contributing to the Internal Audit Department’s mission and strategic objectives. All audit activities must adhere to the Institute of Internal Auditors’ International Professional Practices Framework and other applicable professional standards.

Key Functions and Responsibilities:

Under the supervision and guidance of the Director, DIA either directly or as assigned by him, the Officer, Internal Audit shall:

• Prepare and execute risk-based internal audits—including business analysis and IT audits—to evaluate internal controls; the reliability and integrity of financial, managerial, and operational information and systems; operational efficiency; asset safeguarding; and compliance with applicable regulations, policies, and procedures.
• Conduct advisory assignments and provide recommendations to Director, DIA on bank-wide matters, including IT governance, cybersecurity resilience, systems integrity, digital risk management, and business analysis, to strengthen risk management, control, and governance processes in support of the department’s mission and strategic objectives.
• Prepare audit reports with actionable recommendations based on audit findings to improve the effectiveness and efficiency of audited areas.
• Support the “Follow-up” process for audit recommendations from internal and external auditors and the Audit Committee; in consultation with Director, DIA assess corrective actions and assist in preparing reports for Audit Committee and Board meetings, including ad hoc reports as requested.
• Review new and revised policies and procedures from a risk and control perspective (including business analysis and IT-related policies, such as systems access controls, data protection, incident response, and digital transformation initiatives) and provide relevant recommendations aiming at enhancing controls, strengthening information security, mitigating the identified risks and making processes more efficient and effective. 
• Apply appropriate audit tools and international standards, including IT audit frameworks and best practices.
• Collect, organize, and analyze data from diverse sources to support audit conclusions.
• Maintain comprehensive knowledge of Bank policies and procedures, with emphasis on IT infrastructure, systems architecture, cybersecurity protocols, and digital governance, to effectively assess related risks and controls.
• Establish and maintain effective relationships with internal stakeholders across all levels and external partners, including auditors, consultants, and peers from other international financial institutions.

Requirements

Required Knowledge, Skills and Experience:

• First University degree or equivalent in internal auditing, economics, accounting, information systems or other related fields.
• Internationally recognized auditing certification, such as CIA, CISA or equivalent, etc. A post-graduate degree in internal auditing, IT audit or accounting may be considered in lieu of a professional certification.
• Knowledge of audit methodologies, risk management, and internal control frameworks (e.g., COSO).
• Excellent Command of English.
• Excellent working knowledge of Microsoft Office Packages, as well as other statistical and audit applications.
• Strong critical thinking and problem-solving skills.
• At least 5 years of relevant working experience in an Internal Audit Department, including hands-on experience in IT auditing of enterprise systems such as SAP, OpenText, Bloomberg, and SWIFT—focusing on system configurations, access controls, data integrity, transaction processing, and compliance with regulatory standards. Experience is preferably gained within a financial institution, bank, international audit firm, a regulatory supervisory authority, or a tax authority.

Desirable Knowledge, Skills and Experience:

• Post-graduate degree or equivalent in internal auditing or accounting or information systems, preferably with a specialization in IT audit, cybersecurity, or enterprise systems.
• Knowledge of a Member State language.
• Knowledge of Computer Assisted Audit techniques. 
• Demonstrated knowledge of SAP systems architecture and functionality, including understanding of core modules such as Finance (FI), Controlling (CO), Treasury, etc. Ability to assess system configurations, data flows, access controls, and integration points across SAP environments to identify risks, evaluate internal controls, and support audit and advisory activities. 
• Experience in the region of the BSTDB’s operation.
• Experience in an international development financial institution.
• Professional integrity, ethics, and discretion in handling sensitive information.
• Ability to plan and organize work aligned with strategic goals.
• Detail-oriented with a strong focus on accuracy and quality.
• Rigorous analytical skills and results-oriented mindset.
• Effective communication and interpersonal skills.

For a candidate to participate in the competitive selection for this position, s/he must meet at least the following minimum requirements: 

Education: First-level University degree or equivalent in internal auditing, economics, accounting, information systems or other related fields; or a first-level University degree in any other area followed by a Master’s degree or equivalent in the above areas.

Professional Qualification(s): Internationally recognized auditing certification, such as CIA, CISA or equivalent, etc. A post-graduate degree in internal auditing, IT audit or accounting may be considered in lieu of a professional certification.

Experience: At least 5 years of relevant working experience in an Internal Audit Department, including hands-on experience in IT auditing of enterprise systems such as SAP, OpenText, Bloomberg, and SWIFT—focusing on system configurations, access controls, data integrity, transaction processing, and compliance with regulatory standards.