Job Description
DEPUTY MANAGER - INFORMATION SYSTEM AUDIT
Deputy Manager- Information System Audit is responsible for continuously inspecting and assessing the various elements of Bank's information systems to develop and implement audit plans and should collaborate with audit managers to determine the best control environments and best practices for each system.
- Deputy Manager- Information System Audit should monitor Bank's information systems and recommend changes as necessary to promote efficiency and security/control measures by performing general and application control reviews for simple to complex computer information systems in the Bank.
- Need to work closely with the IT Department, other audited departments/branches and upper management personnel to assess potential risks with IT systems and compare the strength of IT systems to other available technologies in the market.
- Performing audits, User Acceptance Testing (UAT) within set deadlines, coordinate with audit managers and other higher officials to get feedback about IT systems and compile follow up reports or other audit documents and submission of said reports to achieve the set time targets in the audit plan.
- Submitting of reports on review of policies/procedures/new products/new systems/processes to verify whether those are in line with the compliance requirements and introduce innovative control automation techniques to minimize compliance risk.
- Evaluating the adequacy and timeliness of management's response and the corrective action taken on significant audit recommendations.
- Critical matters reported such as discrepancies, malpractices, frauds or any risks faced by the system users should be well informed to higher authorities for decision making and carry out any special audits as instructed by the higher officials.
- Responsible for giving presentations where necessary, to upper management to identify areas for control/security improvements within the Bank's IT initiatives and provide proposals for updated procedures.
- Submitting of reports in accordance with Information Security circulars, policy/procedure guidelines issued by the Bank.
- Carrying out audits to achieve the department KPIs and the annual IS audit plan ensuring the accuracy, completeness of audit evidence drafting audit findings and ensuring completeness of audit files and related documents.
- Participate in disaster recovery drill activities conducted by the Bank.
ELIGIBILITY CRITERIA
- Should be a citizen of Sri Lanka.
ACADEMIC / PROFESSIONAL QUALIFICATIONS
The candidate should possess one of the following qualifications.
- Bachelor's degree in Information Security
- Bachelor's degree in Computer Science / Information Technology specializing in Information Security
- (ISC)2 System Security Certified Practitioner (SSCP)
- ISACA CSX Practitioner Certificate (CSXP)
- GIAC Security Essentials (GSEC)
- Possessing DISSA/ISO 27001 Lead Auditor Certification is an added advantage.
EXPERIENCE
- Completed minimum 3 years of experience in banking or financial institution especially on Information System Audit/ IT Audit/ Information Security Audit/Cyber Security Audit.
- Should have strong communication skills with excellent knowledge in report writing and analytical skills, and should be able to meet tight deadlines and multitask by managing time effectively.
- Possess analytical and technical skills with minimal supervision in the execution.
COMPETENCIES AND SKILLS
- Strong leadership skills
- Thorough and updated knowledge over internal circulars of the Bank as well as regulations and laws applicable to the banking/ finance industry and information systems.
- Computer literacy and knowledge of computerized audit techniques
- Communication skills
- Presentation skills
- Strong analytical skills
- Conceptual skills
- Knowledge of IT Security and infrastructure
- Knowledge of risk assessment
- Interpersonal skills
METHOD OF SELECTION
Shortlisted applicants based on the stipulated qualifications and experience will be called for an interview. The appointment will be made on contract basis and performance will be evaluated annually.
REMUNERATION
An attractive and negotiable remuneration package commensurate with qualifications and experience will be offered to the selected candidate.
APPLICATIONS
The applicants are instructed to fill in the relevant Application form on the Career Page of People’s Bank website and send the duly filled application along with Curriculum Vitae and other necessary supportive documents (Should be less than 2 MB, format JPEG, PDF only). The post applied for should be stated in the subject line of the Email and should reach the Email address: itcareer@peoplesbank.lk on or before 15.06.2026.
An Email confirmation of receipt will be sent upon the receipt of the application. In the event a confirmation has not been received within a reasonable period of time, you may inquire regarding the application by telephone numbers 011 374410 / 011 374412.
The Bank reserves the right to fill or not fill the vacancy and postpone or cancel recruitment at any time. All applications will be treated in strict confidence.
Deputy General Manager (Human Resources) People’s Tower - Level 14 No. 374, Dr. Colvin R. de Silva Mawatha Colombo – 02.