Head, IT Risk Management & Assurance - Consultant / Resident at Mastercard Foundation

THE OPPORTUNITY

Reporting to the Director, Assurance & Enterprise Risk Management, the Head, IT Risk Management & Assurance will be responsible for supporting the roll-out of the Foundation’s technology plan by evaluating potential risks to design technological systems that may threaten business technological goals, driving the inclusion of effective automated controls to address identified risks and fostering an environment of continuous improvement. In addition, He/she will assist with planning, coordinating, implementing, and reporting on all IT Advisory and Audit engagements in accordance with the annual audit and risk plan, audit manual, International Auditing standards, Foundation IT policies and strategic plan. He/she will provide advice to improve the existing IT risk management practices within the Foundation.

The successful candidate will be based in any of our listed offices in Africa or Canada (Rwanda, Ethiopia, Uganda, Kenya, Senegal, Ghana, and Nigeria).

WAYS YOU CAN CONTRIBUTE

• Contribute to the development and deployment of the technology roadmap within the Foundation including strategic IT risk management frameworks, programs and processes needed to build a robust, strong, and sustainable IT control environment.
• Conduct quality assurance reviews on the technology roll-out being undertaken by the Foundation and prepare reports of findings and remedial actions to management.
• Identify significant IT risks or exposures related to internal controls, compliance and governance and collaborate with various stakeholders to develop solutions.
• Collaborate with the technology team to ensure appropriate controls are in place to manage cybersecurity, data privacy and data management risks.
• Promote cultural awareness of IT risk management that will assist in responsible risk-taking across the Foundation.
• Conduct IT risk assessments and provide input into the Foundation’s risk profile including IT risk management activities and end-to-end business process reviews to address key IT risks.
• Provide input into the development of the Foundation’s IT audit strategy, risk management activities and risk-based internal audit plan covering all countries and functions.
• Execute on the Foundation’s annual internal audit plan. 
• Provide audit reports to management that articulate the potential impact of IT-related issues identified and provide practical recommendations. Collaborate with management on implementation and track progress.  
• Report to management on the status of IT internal audit activities, emerging risks, and potential exposures, and provide guidance with respect to enterprise risk management and internal control best practices. 
• Report to the Functional leadership on the status of internal audit activities, emerging risks, and potential exposures, and provide guidance on enterprise risk management and internal control best practices. 
• Participate in senior country management meetings including various forums in an advisory capacity on IT risk and audit matters or on the design of key IT controls. 
• Review implementation of recommendations from incident reports, internal and external audit reports 
• Maintain positive relationships with stakeholders and steer collaborations across the Foundation including relevant enterprise functions, program partners, external auditors, colleagues, and communities. 
• External professional engagement with Audit and Risk practitioners 
• Train the Foundation teams in different aspects including IT security and risk management, internal controls, IT governance aspects among others.

WHO YOU ARE

• Bachelor’s Degree in Information Security, Computer Science, Information Technology, Data analytics, Data Science.
• Master’s degree in IT Security or related field is an added advantage.
• Professional certifications such as CISA, CISM, CRISC, PRINCE2, PMP, CDPSE, CGEIT, CEH, CCNA and CISSP.
• Member of a relevant professional body plus relevant CPD that establishes credibility and capability in the IT Risk market.
• 15 years IT Audit, Third Party Assurance, and IT Controls Advisory experience.
• Minimum 5 years in audit or risk roles within large and/or global organizations, with at least 4 years in a senior IT audit or risk management role. 
• Broad experience in IT risk management, business process and controls advisory and PCAOB Audit.
• Work with a range of ERP and IS/IT systems environments such as SAP, Oracle, Dynamics, and other infrastructures such as Unix/Windows operating system, Oracle/SQL database and Cisco/Juniper/Checkpoint firewall systems.
• Experience in IT controls, Risk Management, accounting or business processes, system implementation or IT project assurance.
• Experience in ERP reviews, audits, implementation, or advisory roles such as SAP, Oracle, JDE, Dynamics or Peoplesoft will be an advantage.
• Intermediate coding experience or use of data technology such as SQL, Alteryx, Celonis, RPA, Power BI or Python will be an advantage.
• Experience in planning and performing all stages in the audit process and business reviews. 
• Experience in preparing and presenting reports to senior leadership team. 
• Thorough knowledge of best practice IT governance and control frameworks
• Experience building IT capabilities and capacity of an internal audit function in high growth organizations including multi-jurisdictional and multi-currency environments.
• Experience in preparing and presenting reports to senior leadership team.
• The ability and willingness to travel within the Country and Africa where required.
• Experience working in the development sector is an added advantage.
• Ability to assess risks and exercise judgment in making important decisions.
• French language skill is an added advantage. 
• Flexible, adaptable, and able to execute a range of job duties and changing priorities.
• Possess excellent verbal, written, and presentation skills with the ability to articulate information to a variety of constituents across cultures.
• Possess professional maturity, sensitivity with different cultures, and impeccable integrity that exemplify the Foundation’s values.
• Demonstrate a commitment to Mastercard Foundation’s values and vision.