Information System Auditor

Are you a go getter, positive minded individual who fits the role profile captured below? There is an opportunity for ambitious, self-driven individuals to fill the above position.
Reporting to: Head of Audit.
Job Purpose:
The overall purpose of this role is to lead and execute IT audits at Family Bank.
Key Responsibilities:

Develop IT Audit Strategy and Risk Based IT audit plan aligned to the business objectives of the Bank.
Develop risk based IT audit programs, tests and checklists to assist in execution of IT audits for various systems in the Bank.
Ensures KYC and AML/CTF laws and regulations are followed.
Evaluate risk management practices in the in order to determine whether IT related risks are adequately managed to avert loses to the Bank.
Review IT Policies, Procedures and Processes and controls and provide recommendations for completeness and alignment to the generally accepted ISACA IS Audit Standards, ISO 27001 and other best practices.
Execute risk- based IS audits in line with the approved IT Audit Plan and make recommendations from improvements.
Provide assurance on the effectiveness of the Bank’s IT governance, IT management structure, adequacy of processes to support management in decision making process.
Coordinate IT audits carried out by external auditors such as Group Central Bank, and the Bank’s External Auditor
Continuous review and reporting on cyber risks and controls of the ICT systems within the Bank and other related third-party connections.
Assessing both the design and effectiveness of the cybersecurity framework implemented.
Conducting regular independent threat and vulnerability assessment tests.
Conducting comprehensive penetration tests.
Conduct Follow up on implementation of audit recommendations from various IT audits carried out by internally and also through external auditors such as Central Bank and the Bank’s External Auditor.
Assist the Head of Internal Audit in preparing IT Audit reports for submission to Management and the Board Audit Committee.
Present the key IT audit findings to Senior Management.
Assist Internal Auditors in developing scripts and data analytics to assist them in their audit work.
Offer support in carrying out fraud investigations that involve technical system manipulation.
Support Internal Auditors in optimizing use of Computer Assisted Audit
Techniques (CAATS) such as Teammate, and data analytic tools such as ACL, IDEA where appropriate.
Provide advisory on proposed IT developments such as acquisition of new systems and system upgrades to ensure that IT risks are properly identified and controls embedded to mitigate the risks.
Provide assurance that the practice of acquisition, development, testing and implementation of information systems meet the Bank’s strategies and objectives.
Provide assurance that the processes for maintenance of the Bank’s information systems is adequate and whether they meet the user’s needs, expectations and overall bank strategy.
Any other official duties that may be allocated from time to time by the line manager.

The Person:
The ideal candidate must possess the following:
Qualifications

Must be a Certified Information Systems Auditor (CISA).
Must be a member of Information Security Audit and Control Association (ISACA).
Bachelor’s degree in information systems/Technology, computer science or related field from a recognized university. Master’s Degree will be an added advantage.
Certifications in Certified Information Security Manager (CISM), Certified in Risk and Information Systems and Control, Certified Information’s Systems Security Professional (CRISC), Certified Public Accountant (CPA K) will be an added advantage.
Other IT certifications ICT certifications such as CCNA, MCSE, ITIL, PRINCE2 is a plus.

Personal Attributes/Competencies

Ability to link technical IT gaps to possible business benefits.
Excellent Data Analytical skills
Communication skills both written and verbal.
High level of Integrity
Innovative and Creative
Strong interpersonal skills and a good team player
Ability to meet tight deadlines and work under pressure