RESPONSIBILITIES

• Provide guidance on IT control management matters, particularly on application and infrastructure security.
• Perform regular risk assessment of IT infrastructures which include risk analysis & threats assessment, enterprise security management process, computer, and communication security including identifying areas where business units should consider additional investment and areas internal audit should focus
• Perform continuous examination of existing internal IT and system controls, evaluate the design and its operational effectiveness, assess exposure to risk and develop remedial strategies in the organization.
• Assist in devising and implementing controls to minimize business risks arising from weaknesses within the business systems and IT infrastructures of the organization.
• Provide continuous assurance to the business on the effectiveness and adequacy of system, process, and technology controls as well as other safeguards/measures put in place by management for the realization of business objectives.
• Assess the adequacy of system configuration and change management process, back-up and disaster recovery, software development processes and logical access controls.
• Participate in the conceptualization and implementation of new IT driven business projects or optimization/upgrade of existing systems and business solutions to ensure that controls that meet business requirements are embedded at all levels of the system.
• Actively follow up on all open control issues in the Internal Control and Audit Reports, Management letter, Regulatory Examiners report as it relates to IT reviews.
• Monitor developments in the information system and technology space with a view to proactively identify potential risk and recommend mitigants.
• Keep abreast of the updates in the global technology world to identify emerging risks and opportunities that can be domesticated in the Company.
• Participate in UATs and change management meetings.
• Perform miscellaneous job-related duties as assigned by the IT Systems Auditor and Head of Internal Control and Audit.

REQUIREMENTS

• BSc degree in Computer Science, Information Technology, or other technology-related degrees.
• Applicable IT Certification is a plus (e.g., CISA/CISM/CRISC/CISCO)
• Minimum of 3 years’ experience performing IT Audit/Control functions