IT Internal Auditor - Internal Audit Department

Finance
Full Time
Intermediate (1-3 years)
Published on 28/05/2026
Hybrid
Malta

Job Description

Overview

We're a leading financial institution, a key player in the Maltese market and part of a highly diversified multi-national group of companies. Employing a team of over 270 employees, the Bank offers a full range of lending and savings solutions to both personal and business customers. We strive to offer a highly personalised service through our network of thirteen retail branches spread across the Maltese Islands.

We're a team of inspired people who believe that opportunities start with a conversation.

Duties and responsibilities

This role mainly entails delivering IT internal audit engagements end-to-end, covering areas such as IT governance, cybersecurity, systems development, data management, and IT operations. Reporting to the Head of Internal Audit, you will contribute to strengthening the Bank’s control environment from a third line of defence perspective, ensuring alignment with regulatory expectations, including Digital Operational Resilience (DORA), and industry best practices.

You will be responsible to:

  • Plan and execute risk-based IT audit assignments, including scoping, fieldwork, and reporting 
  • Deliver end-to-end audit engagements, with ownership of assigned audit areas 
  • Conduct walkthroughs with stakeholders to understand IT processes, systems and control frameworks 
  • Assess the design and operating effectiveness of IT controls, including:
    • IT general controls (ITGCs)
    • System access and change management
    • Cybersecurity controls
    • Data governance and integrity
  • Develop and execute audit programmes aligned with audit scope and internal audit standards 
  • Perform audit testing, document workpapers and ensure audit quality and traceability 
  • Draft clear, concise audit reports highlighting findings, root causes and practical recommendations 
  • Present audit observations to management and contribute to closing meetings 
  • Track and follow up on the implementation of audit recommendations 
  • Support the development of the annual audit plan, particularly in identifying key IT risks, including ICT and digital resilience risks under DORA 
  • Contribute to regulatory and external audit interactions, including those related to IT risk and operational resilience 
  • Stay updated on emerging IT risks, cyber threats, and regulatory developments, particularly in the area of digital operational resilience 
  • Build effective relationships with stakeholders and provide practical insights on IT control and risk matters 

Competencies and experience

The potential candidate should be reliable, trustworthy and well-organised, with a disposition to learn and a team-oriented approach.

You must have:

  • Strong analytical thinking with the ability to identify control gaps and improvement opportunities 
  • Clear and effective communication skills, both written and verbal
  • Ability to work independently while collaborating within a team 
  • Good organisational skills with the ability to manage multiple assignments and deadlines 
  • Strong willingness to learn and develop into a more senior Internal Audit role 
  • High level of integrity, professionalism and attention to detail 

Experience and Knowledge

  • Bachelor’s degree in IT, Information Systems, Computer Science, or a related field 
  • Professional certifications such as CISA, CIA or equivalent (or working towards) will be considered an asset 
  • Minimum of 2–3 years’ experience in IT audit, IT risk, IT controls, or a related function 
  • Experience in participating in or delivering audit or control reviews, preferably within financial services, professional services (e.g. Big 4), or a regulated environment 
  • Good understanding of:  
    • IT general controls (ITGCs) 
    • Basic cybersecurity principles and controls 
    • IT risk and control frameworks (e.g., COBIT, ISO 27001 concepts) 
  • Awareness of or exposure to regulatory expectations on ICT risk and operational resilience (e.g., DORA) will be considered an asset
  • Familiarity with core banking systems, digital platforms or outsourced IT environments is advantageous 
  • Exposure to banking systems or financial services processes will be considered an asset 

What we Offer

  • Ongoing personal development;
  • Preferential interest rates on home loans, personal loans and home value loans;
  • Comprehensive support for academic advancement through fully subsidized staff study loans;
  • Private clinic health insurance coverage, extendable to dependants;
  • Life insurance and personal accident cover;
  • Free ophthalmic examinations;
  • Private counselling sessions in collaboration with Richmond Foundation;
  • Additional full-day leave for birthday celebrations;
  • Annual performance appraisals and salary reviews;
  • €400 annual wellness allowance;
  • Complimentary mammogram screenings for female employees aged over 40 and PSA screenings for male employees aged over 40;
  • Flexible work arrangements (role permitting); and
  • Various corporate discounts.

BNF Bank plc is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.