Job description
Are you a positive minded inividual who fits the role profile captured below? There is an opportunity for ambitious, self-driven individuals to fill the above position.
Reporting to: Head of Internal Audit
Job Purpose:
The overall purpose of this role is to lead and execute IT audits in the Bank.
Key Responsibilities:
IT Audit Planning
Develop IT Audit Strategy and Risk Based IT audit plan aligned to the business objectives of the Bank.
Develop risk based IT audit programs, tests and checklists to assist in execution of IT audits for various systems in the Bank.
IT RISK ASSEMENTS
Evaluate risk management practices in the in order to determine whether IT related risks are adequately managed to avert loses to the Bank.
IT Audit Execution
Review IT Policies, Procedures and Processes and controls and provide recommendations for completeness and alignment to the generally accepted ISACA IS Audit Standards, ISO 27001 and other best practices.
Execute risk- based IS audits in line with the approved IT Audit Plan and make recommendations for improvements.
Provide assurance on the effectiveness of the Bank’s IT governance, IT management structure, adequacy of processes to support management in decision making process.
Coordinate IT audits carried out by external auditors.
Continuous review and reporting on cyber risks and controls of the ICT systems within the Bank and other related third-party connections.
Assessing both the design and effectiveness of the cybersecurity framework implemented.
Conducting regular independent threat and vulnerability assessment tests.
Conducting comprehensive penetration tests.
Conduct Follow up on implementation of audit recommendations from various IT audits carried out by internally and also through external auditors.
IT Audit Reporting
Assist the Head of Internal Audit in preparing IT Audit reports for submission to Management and the Board Audit Committee.
Present the key IT audit findings to Senior Management.
Technical Support
Assist Internal Auditors in developing scripts and data analytics to assist them in their audit work.
Offer support in carrying out fraud investigations.
Support Internal Auditors in optimizing use of Computer Assisted Audit
Techniques (CAATS) such as Teammate, and data analytic tools such as ACL, IDEA where appropriate.
Provide advisory on proposed IT developments such as acquisition of new systems and system upgrades to ensure that IT risks are properly identified and controls embedded to mitigate the risks.
Provide assurance that the practice of acquisition, development, testing and implementation of information systems meet the Bank’s strategies and objectives.
Provide assurance that the processes for maintenance of the Bank’s information systems is adequate and whether they meet the user’s needs, expectations and overall bank strategy.
The Person:
The ideal candidate must possess the following:
Qualifications
Bachelor’s degree in information systems/Technology, computer science or related field
Master’s Degree in any of the above fields will be an added advantage
A Certified Information Systems Auditor (CISA).
A member of Information Security Audit and Control Association (ISACA).
Certifications in Certified Information Security Manager (CISM), Certified Information’s Systems Security Professional (CRISC), Certified Public Accountant (CPA K) will be an added advantage.
IT certifications ICT certifications such as CCNA, MCSE, ITIL, PRINCE2 will be an added advantage
At least 4- 5 years’ experience in carrying out and managing IT audit projects preferably in a financial institution
Experience in working with Computer Audit tools such as Teammate and data analytic tools such as IDEA, ACL and Team Risk
In- depth understanding of Bank operating environment and interlink between IT systems and business operations
Key Competencies and Attributes
Proficiency in Data Analysis tools ACL, IDEA.
Excellent communication skills (correspondence, presentations, meeting management, and informal dialogue with a variety of types of stakeholders).
Ability to generate high calibre insights from a wide variety of information sources
Ability to link technical IT gaps to possible business benefits.
Excellent Data Analytical skills
Communication skills both written and verbal.
High level of Integrity
Innovative and Creative
Strong interpersonal skills and a good team player
Ability to meet tight deadlines and work under pressure
