Information System Auditor at Family Bank

Job description

Are you a positive minded inividual who fits the role profile captured below? There is an opportunity for ambitious, self-driven individuals to fill the above position.

Reporting to: Head of Internal Audit

Job Purpose:

The overall purpose of this role is to lead and execute IT audits in the Bank.

Key Responsibilities:

• IT Audit Planning
• Develop IT Audit Strategy and Risk Based IT audit plan aligned to the business objectives of the Bank.
• Develop risk based IT audit programs, tests and checklists to assist in execution of IT audits for various systems in the Bank.
• IT RISK ASSEMENTS
• Evaluate risk management practices in the in order to determine whether IT related risks are adequately managed to avert loses to the Bank.
• IT Audit Execution
• Review IT Policies, Procedures and Processes and controls and provide recommendations for completeness and alignment to the generally accepted ISACA IS Audit Standards, ISO 27001 and other best practices.
• Execute risk- based IS audits in line with the approved IT Audit Plan and make recommendations for improvements.
• Provide assurance on the effectiveness of the Bank’s IT governance, IT management structure, adequacy of processes to support management in decision making process.
• Coordinate IT audits carried out by external auditors.
• Continuous review and reporting on cyber risks and controls of the ICT systems within the Bank and other related third-party connections.
• Assessing both the design and effectiveness of the cybersecurity framework implemented.
• Conducting regular independent threat and vulnerability assessment tests.
• Conducting comprehensive penetration tests.
• Conduct Follow up on implementation of audit recommendations from various IT audits carried out by internally and also through external auditors.
• IT Audit Reporting
• Assist the Head of Internal Audit in preparing IT Audit reports for submission to Management and the Board Audit Committee.
• Present the key IT audit findings to Senior Management.
• Technical Support
• Assist Internal Auditors in developing scripts and data analytics to assist them in their audit work.
• Offer support in carrying out fraud investigations.
• Support Internal Auditors in optimizing use of Computer Assisted Audit
• Techniques (CAATS) such as Teammate, and data analytic tools such as ACL, IDEA where appropriate.
• Provide advisory on proposed IT developments such as acquisition of new systems and system upgrades to ensure that IT risks are properly identified and controls embedded to mitigate the risks.
• Provide assurance that the practice of acquisition, development, testing and implementation of information systems meet the Bank’s strategies and objectives.
• Provide assurance that the processes for maintenance of the Bank’s information systems is adequate and whether they meet the user’s needs, expectations and overall bank strategy.

The Person:

The ideal candidate must possess the following:

Qualifications

• Bachelor’s degree in information systems/Technology, computer science or related field
• Master’s Degree in any of the above fields will be an added advantage
• A Certified Information Systems Auditor (CISA).
• A member of Information Security Audit and Control Association (ISACA).
• Certifications in Certified Information Security Manager (CISM), Certified Information’s Systems Security Professional (CRISC), Certified Public Accountant (CPA K) will be an added advantage.
• IT certifications ICT certifications such as CCNA, MCSE, ITIL, PRINCE2 will be an added advantage
• At least 4- 5 years’ experience in carrying out and managing IT audit projects preferably in a financial institution
• Experience in working with Computer Audit tools such as Teammate and data analytic tools such as IDEA, ACL and Team Risk
• In- depth understanding of Bank operating environment and interlink between IT systems and business operations

Key Competencies and Attributes

• Proficiency in Data Analysis tools ACL, IDEA.
• Excellent communication skills (correspondence, presentations, meeting management, and informal dialogue with a variety of types of stakeholders).
• Ability to generate high calibre insights from a wide variety of information sources
• Ability to link technical IT gaps to possible business benefits.
• Excellent Data Analytical skills
• Communication skills both written and verbal.
• High level of Integrity
• Innovative and Creative
• Strong interpersonal skills and a good team player
• Ability to meet tight deadlines and work under pressure