Information Systems Auditor

Job Purpose

The job holder will provide independent assurance on the Bank’s information systems, IT infrastructure and processes, specifically on the integrity, confidentiality and availability of the information systems, as well as assurance on the information systems governance, risk management and controls in place.

Key responsibilities and accountabilities

Plan and scope annual and ad hoc IS audits in liaison with the Head of Department.
Provide assurance on IT risk management framework, particularly on applications and infrastructure security.
Conduct periodic IT audits and reviews of systems, applications, IT processes and digital channels.
Prepare audit finding memoranda and working papers to ensure that adequate documentation exists to support the completed audit and conclusions.
Perform pre and post implementation reviews of new systems acquisition, implementation or enhancements.
Perform IT security audits, including evaluating whether security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.
Evaluate and test IT general controls and provide value-based feedback.
Schedule and perform reviews on IT management policies and procedures such as change management, business continuity planning/disaster recovery and information security to ensure that controls surrounding these processes are adequate.
Prepare high quality IS audit reports and present to Management and Board Audit Committee.
Assist in analyzing data through available data analytics tools and managing audit assignments through GRC software.
Conduct audit follow-ups and tracking of open audit findings to ensure that audit findings are closed within the agreed timelines.
Perform miscellaneous job-related duties as assigned.

Minimum Qualifications and Experience

Bachelor’s degree in computer science, management information systems, or any other related field from a recognized university.
Minimum of 3 years’ experience in a similar role, preferably in a financial institution.
Professional certification in IT Audit, Risk and Security e.g. CISA, CISM, CISSP, CRISC and Member of ISACA.
Knowledge of information systems, governance and security principles & practices e.g. ISO27001, COBIT and ITIL frameworks.
Skilled in project management and maintaining composure under pressure while meeting multiple deadlines.
Excellent analytical and report writing skills.
Excellent interpersonal, communication, and presentation skills with the ability to interact effectively at all levels of management.

Interested candidates who meet the criteria above are encouraged to send their application letters and detailed CVs to: Email: recruitment@caritas-mfb.co.ke

Kindly indicate the position title on the subject line when applying.

Closing date for applications: 16th February 2025
