What will you do?
Conduct periodic meetings with Network and IT Functional Chiefs, Regional Operations Directors, MD & Africa CEO and other stakeholders to address the key audit issues and monitor the implementation status of management’s action plans.
Review control mitigation plans of Network and IT Function and ensure adequate and prioritized management attention on remediating known issues and preventing recurrences.
Ensure that audit issues are well understood by all levels of management and staff and that learning on fraud and control issues are shared amongst relevant stakeholders to prevent recurrences.
Leading, planning, performing and documenting Cyber/IT Security reviews and advisory assignments as well as audits of Financial Services Systems in accordance with the internal audit plan. These audits shall include but not be limited to Vulnerability Assessments, Penetration testing, audits of Mobile Money systems and Pre/ Post-Implementation reviews.
Ensure audit planning is carried out so that resources in terms of quality and numbers, is in line with the requirement.
Maintain high engagement levels with the outsourced Internal Audit partners to ensure that the audit plan is delivered with the desired quality and within the agreed timelines
Ensure tracking and timely closure of the audit issues in a sustainable manner.
Implement a system of tracking key project activities that impact on delivery of the audit plan.
Implement a system of capturing and tracking audit issues per timelines agreed with Networks and IT Functional Chiefs heads/ chiefs or relevant function SPOC, flagging and escalation of delays in implementation of improvement opportunities.
Conduct regular review of the audit work done by outsourced audit partners to validate quality of audit work and reporting.
Identify any necessary changes to the audit methodology and ensure implementation in a timely manner.
Provide continuous feedback to partner (internal audit service providers) on quality of audit work and deployment of resources.
Ensure training of partner staff in order that they are able to deliver the best quality
Provide proposals for improvement and support the implementation of changes.
Maintain a calendar for the board audit committee meetings.
Consolidate information for reporting to the board on a quarterly basis.
Co-ordinate receipt and dispatch of all necessary documentation and communication.
Ensure all levels of review prior to dispatch of board papers.
Weekly reporting to the Director Internal Assurance on the status of reviews.
Flash reporting for significant issues noted in ongoing reviews.
Understanding the operational nuances of the various markets. Interacting with senior members of the business and having the ability to challenge established processes identify gaps and ensure that the gaps are addressed.
Keeping abreast of changes in the business, operational and competitive landscape. Activities will include:
Risk assessments and identification of key risks in the business.
Promoting an internal culture driven by ethics.
Driving audits to highlight and address these risks.
Recommend solutions that are pragmatic, cost effective and sustainable.
Engaging management to dedicate resources and attention towards prioritized and systemic risk and control issues.
Ensure on-going dialogue with stakeholders and internally within the team to identify potential risks to ensure identification, assessment and development of mitigation plans for key risks.
Identify good business practices and ensure these are shared with management for implementation.
Drive programmes that promote risk and control awareness across the company.
Keep abreast of regional and international trends and identify new and emerging risks in the business and / or industry.
Provide guidance to other functions on risk management and compliance
Here’s what we’re looking for (Technical Skills)
Minimum 10 years of experience out of which at least 5 years should be in Internal Audit / Risk Management / Compliance
Holder of Certified Information Systems Auditor CISA) or equivalent
Security qualification (CISSP or CISM or other information security certification) is an added advantage.
Experience in a Telecom / Service Industry
Experience working in information systems and cyber security assurance
Strong working knowledge of penetration testing tools and methodologies including but not limited to Application Security, Database Security, Web services security, Network Security, Mobile Security and VAS systems security
Knowledge and experience in Telecoms network infrastructure including BTS/BSC/RNC/HLR/GGSN/SGSN/IN
Experience with the big 4 audit firms (Price water house coopers, KPMG, Ernest & Young) is an added advantage.
Experience with Forensic Analysis and Robotic Process Automation tools will be an added advantage
Apply via :
www.linkedin.com
