Job Description
Reporting to the Head of Audit, the ideal candidate will be expected to conduct risk assessment and audit of information systems, report on the findings to the Board Audit Committee through the Head of Audit and to recommend best practice. In addition, the incumbent will also participate in financial audit.
Key Responsibilities:
• Assessing adequacy of controls employed to safeguard IS assets.
• Review measures employed to ensure data security and integrity.
• Evaluating effectiveness of controls put in place to ensure business continuity (BCP).
• Review system efficiency, effectiveness, and availability.
• Review system change management to ensure adherence to policy.
• Review of adequacy of network security controls.
• Review of ICT policy and information security policy (ISP).
• Carrying out forensic audits and investigations.
• Advising management on industrial developments relating to ICT risk.
• Assessing the Bank’s compliance with relevant laws and regulations in relation to information systems.
• Reviewing and following up on all issues related to information systems raised by the external auditor and the CBK auditors.
• Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the organization.
• Reporting significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by the Board Audit Committee.
• Review & reporting on emerging IS risks (e.g. cyber security risk)
• Conduct quarterly vulnerability penetration test on all ICT platforms deployed by the Bank.
Qualifications Requirements
• University Degree or its equivalent. IT related degree from a recognized university.
• Be a certified information systems auditor. (CISA)
• Be a certified public accountant CPA (K).
• Be a member of Information Systems Audit & Control Association (ISACA)
• Minimum 5 years working experience in Audit. 3 years of which should be dedicated to information systems audit.
• Adequate training in report writing and data analytics.
• Experience in IT fraud investigation and prevention.
• Must have no criminal record.
• Experience in performance and people management.
Desired Qualities
• Strategic thinker, ability to see the big picture and formulate strategies for the unit that will contribute to achievement of the Bank’s overall objectives.
• Enthusiastic, results oriented with excellent communication and presentation skills.
• A forward planner with clear focus, ardent team player, mature, reliable, and hardworking
• Understand information security procedures.
• Excellent analytical and problem-solving skills.
• High levels of professionalism and professional development; is self –disciplined with a high sense of alertness.
• Honest with impeccable integrity (high ethical standards).
• Ability to grow, support and develop information systems audit talent within internal audit department.
Remuneration
A package commensurate to the posts shall be discussed and agreed with the successful candidates.