The incumbent shall act as a lead role for domestic/international internal and external IT audits. They shall be responsible for designing and developing audit procedures, and reviews and evaluate work of any Assistant Associates within the Audit Department. They shall also recommend and submit reports on identified corrections and controls in need of improvement.
- Provide Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security.
- Identify areas where business units should consider additional investment and areas internal audit should focus.
- Conduct IT audits and reviews of systems, applications and IT processes.
- Perform pre and post- implementation reviews of system implementations or enhancements
- Conduct IT security audits (e.g. network, operating systems and data centre), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.
- Evaluate general computing controls and provide value added feedback. Test compliance with those controls.
- Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.
- Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
- Assist in conducting financial, operational and compliance audits,
- Prepare and report results that will be tabled before the Audit Committees.
- Perform other duties as assigned
- Bachelor’s Degree in Computer Science/Management Information Systems, Accounting, Business or equivalent combination of related work experience and education
- Advanced degree in Computer Science / Management Information Systems/ Information Security or equivalent education will be an added advantage
- Completion of CISA (Certified Information Systems Auditor)
- Minimum of four (4) years’ relevant experience of internal or external IT auditing experience.
- Reinsurance or insurance audit experience preferred