Family Bank (formerly Family Finance Building Society) was registered as a Building Society in October 1984 in Kenya, under the Building Societies Act, and commenced operations in early 1985. Family Bank converted into a fully fledged bank in May 2007, and the main driver for our conversion was the need to offer a wider range of products and services to our customers.
Family Bank is regulated by the Central Bank of Kenya (CBK) and is regularly inspected using CAMEL ratings which look at Capital, Assets, Management, Earnings and Liquidity. Our ratings by the CBK have been favourable over the years.
Are you a go-getter, positive-minded individual who fits the role profile captured below? There is an opportunity for ambitious, self-driven individuals to fill the above position.
Reporting to: Head of Audit.
The overall purpose of this role is to lead and execute IT audits at Family Bank.
- Develop IT Audit Strategy and Risk Based IT audit plan aligned to the business objectives of the Bank.
- Develop risk based IT audit programs, tests and checklists to assist in execution of IT audits for various systems in the Bank.
- Ensure KYC and AML/CTF laws and regulations are followed.
- Evaluate risk management practices in order to determine whether IT-related risks are adequately managed to avert losses to the Bank.
- Review IT Policies, Procedures and Processes and controls and provide recommendations for completeness and alignment to the generally accepted ISACA IS Audit Standards, ISO 27001 and other best practices.
- Execute risk-based IS audits in line with the approved IT Audit Plan and make recommendations for improvements.
- Provide assurance on the effectiveness of the Bank’s IT governance and IT management structure, and on the adequacy of processes to support management in the decision-making process.
- Coordinate IT audits carried out by external auditors such as Group Central Bank, and the Bank’s External Auditor
- Continuous review and reporting on cyber risks and controls of the ICT systems within the Bank and other related third-party connections.
- Assessing both the design and effectiveness of the cybersecurity framework implemented.
- Conducting regular independent threat and vulnerability assessment tests.
- Conducting comprehensive penetration tests.
- Conduct follow-up on implementation of audit recommendations from various IT audits carried out internally and by external auditors such as Central Bank and the Bank’s External Auditor.
- Assist the Head of Internal Audit in preparing IT Audit reports for submission to Management and the Board Audit Committee.
- Present the key IT audit findings to Senior Management.
- Assist Internal Auditors in developing scripts and data analytics to assist them in their audit work.
- Offer support in carrying out fraud investigations that involve technical system manipulation.
- Support Internal Auditors in optimizing use of Computer Assisted Audit Techniques (CAATS) such as Teammate, and data analytic tools such as ACL, IDEA where appropriate.
- Provide advisory on proposed IT developments such as acquisition of new systems and system upgrades to ensure that IT risks are properly identified and controls embedded to mitigate the risks.
- Provide assurance that the practice of acquisition, development, testing and implementation of information systems meet the Bank’s strategies and objectives.
- Provide assurance that the processes for maintenance of the Bank’s information systems are adequate and that they meet the user’s needs, expectations and overall bank strategy.
- Any other official duties that may be allocated from time to time by the line manager.
The ideal candidate must possess the following:
- Must be a Certified Information Systems Auditor (CISA).
- Must be a member of Information Security Audit and Control Association (ISACA).
- Bachelor’s degree in information systems/Technology, computer science or related field from a recognized university. Master’s Degree will be an added advantage.
- Certifications in Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional, Certified Public Accountant (CPA K) will be an added advantage.
- Other ICT certifications such as CCNA, MCSE, ITIL and PRINCE2 are a plus.
- Ability to link technical IT gaps to possible business benefits.
- Excellent Data Analytical skills
- Communication skills both written and verbal.
- High level of Integrity
- Innovative and Creative
- Strong interpersonal skills and a good team player
- Ability to meet tight deadlines and work under pressure
Method of Application
ALL applicants MUST apply online to the email email@example.com; closing date is 12th October 2019. Canvassing will automatically disqualify the candidate. Only shortlisted candidates will be contacted.
“We are an equal opportunity employer”