Associate, IT Audit at Zedcrest Capital Limited

Summary

• We are looking to hire an IT auditor with an analytical mind and expertise in IT systems, applications, and infrastructure. IT auditors are expected to have outstanding problem-solving skills, meticulous attention to detail, and a great understanding of cybersecurity trends.

Responsibilities

• Execution of IT Infrastructure and Cybersecurity audits
• Performing Information Security Risk Assessment to develop audit plan and supporting other audit initiatives
• Conduct risk-based infrastructure audits, including cybersecurity coverage, within a diverse technology environment, including vendor and cloud platforms.
• Prepare clear and concise audit work papers.
• Identify and document control weaknesses, draft planning memos and audit reports, and discuss pragmatic suggestions for remediation with Management.
• Participate in the quarterly issue verification process, including validating the satisfactory completion of outstanding issues raised by regulators and/or audits where required.
• Conduct continuous monitoring of technology initiatives and processes to identify areas of increasing and emerging technology risks; escalate risk issues as appropriate, follow-up on solutions and propose specific coverage.
• Execute data analytics, where appropriate, to move towards more automated testing execution within audit department.
• Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level assessments based on predefined test objectives and test plans.
• Perform retest of controls that have been remediated or updated as a result of previously identified deficiencies.
• Obtain, review, and interpret evidence provided to validate controls are performed effectively.
• Execute and report on results of IT Compliance assessments in accordance with industry best practices and established regulatory standards and requirements
• Obtain, review, and interpret organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business.
• Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.
• Identify risks associated with control failures and supports the identification of mitigating controls
• Partner with control owners to ensure control documentation is updated periodically to reflect current control environment
• Perform other tasks as necessary to ensure that the Compliance meets its commitments to customers
• Investigate security and data breaches to identify incident root causes, internal control gaps/failure points and vulnerabilities exploited; and to proffer solutions/recommendations to prevent reoccurrence and exposure to corporate liability, sanctions, and litigations.
• Carryout review of Group’s data security, threat intelligence, vulnerability management and security monitoring activities

Requirements

• Bachelor's Degree in Information / Technology / Computer Science or any relevant discipline.
• Certified Information Systems Auditor (CISA) will be an added advantage
• Expert in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits.