Auditor, IT Security Audit at MTN Nigeria

Job Description

• Responsible for performing analysis and monitoring on internal Technology controls and vulnerabilities, IT equipment, IT system risk management and the effectiveness of internal audit.
• Also responsible for providing recommendations on improvements in order to ensure an increasingly robust internal audit processes, which aims to reduce Technology risks and information  security risks.
• Assist the Manager in the execution of technology systems and processes audit plans, in order to identify risks and vulnerabilities in the particular control areas  and to ensure that processes and systems comply with company policies, and statutory and regulatory policies.
• Serves as an active member of the audit team directly executing medium/high priority/risk internal audits on the technology systems and processes: through  analysing reports and logs, conducting system and process audits, testing, preparing database updates, providing status reports and preparing final audit reports on assignments carried out, in line with internal audit standards and methodologies.
• Ensure that audits and assessments consider the effectiveness of the control areas, such as: application controls, information security, change management/system  development lifecycle,  disaster recovery reviews, pre and/or post implementation review, IT project management, IT project governance, IT risk management, data  migration reviews, data quality reviews, business process mapping reviews, IT acquisition and implementation reviews, information technology systems and  infrastructures process and control reviews.
• Review audit reports on the technology systems and processes, ensuring execution according to plan, quality and adherence to internal audit standards, methodologies and procedures.
• Provide analysis on technology systems and processes internal audit data, identifying weaknesses in IT systems and internal policies, IT system vulnerabilities,  and trends on IT systems failures, vulnerabilities, inconsistencies, weaknesses in the control areas, and reporting these to management, with recommendations on  possible mitigations and enhancements.
• Assist in compiling internal audit reports for management review.
• Measure/evaluate technology systems and processes compliance to statutory and regulatory requirements and the company's policies and procedures.
• Carry out regular, comprehensive and holistic information security and IT systems control assessments, to identify risks and areas that need focus.
• Recommend changes to IT systems and processes, based on internal policies, best practices and continuous change in available technologies.
• Keep up to date with new technology solutions to mitigate/change IT systems security vulnerabilities and provides reporting on these solutions.
• Maintain all audit administration documentation and information as required on routine and special information systems audits.
• Follow-up and perform validation of remediation activities to ensure control issues are effectively resolved
• Report audit findings and make recommendations for correcting unsatisfactory conditions, improving operations and reducing costs.
• Maintain professional and technical knowledge by attending educational workshops, reviewing professional publications, establishing personal networks, and  participating in professional societies.
• Maintain effective working relationships with the members of Senior Management, the heads of the business and service units and staff.
• Consult with and provide recommendation to senior management, administrators, and staff on various operational issues related to computerized and configurable information systems, and on  general business operations as needed.
• Work closely with other audit team members to complete each audit exercise and draft audit reports to be reviewed by Manager Technology, Security and Networks
• Continuously seek self-professional development to sharpen skills and capabilities in a versatile and evolving digital landscape.
• Foster active collaboration and relationships with employees across all levels and divisions in line with MTN’s VB and values.

Job Condition:

• Normal MTNN working condition
• May be required towork extended hours

Experience & Training
Experience:

• 3-7 years’ experience which includes:
• Minimum of 3 years’ experience in IT systems audit or IT security or privacy or technology consulting or cyber security experience in a reputable organization
• Experience working in a medium to large organization in a Systems/ IT/ Telecomm environment

Training:

• Internal audit,
• Cyber Security
• Fraud management,
• Technology risk management,
• Internal controls,
• Systems Audit (ISACA, ISO)

Minimum Qualification

• BSc, HND or Other