IT Audit Analyst at Nigerian Exchange Group (NGX Group)

Job Summary

• We are actively seeking a skilled Information Technology Audit Analyst to join the Internal Audit department.
• The successful candidate will be required to evaluate the effectiveness of the Group’s IT controls, identify potential vulnerabilities and provide valuable insights to enhance technology related processes.
• He/She should possess a sound knowledge of internal control principles, audit practices and compliance within an IT-related environment and ensure the Internal Audit team adopts best practice across the Group.

Responsibilities

• Review and ensure access control strategy aligns with corporate identity policy and IT architecture of NGX;
• Review and ensure a unique identity is used to initiate a transaction and user is currently authorised to perform such action;
• Ensuring access violations are identified. e.g. ex- staff accounts still active on NGX applications;
• Reviews IT Projects to identify risks introduced during vendor selection, pre-implementation and go-live phases due to system adaptation for NGXG’s users and processes;
• Review and ensure  key controls are embedded through the application acquisition life cycle and go-live of various applications and processes;
• Ensure effective follow-up with Audit clients, to resolve all outstanding weighty exceptions, open items and management letters raised internal and external audits.
• Participate in cross functional reviews – Financial, Operations, Compliance, IT and Investigations;
• Preparation of departmental quarterly reports;
• Participate in review of business applications (X-stream, ERP, etc.) in  event of fires, terrorist attacks, extended power failures, equipment and telecommunications failures;
• Review DR incidences as it relates to Recovery Time Objective “RTO” and Recovery Point Objective “RPO”, as well as ensure adherence to Disaster Recovery / Business Continuity principles;
• Ensure all IT-related activities are reviewed for compliance and consistency;
• Ensure disaster recovery processes across the Group are available and sufficient to withstand major disruptions to our information systems;
• Continuous auditing of X-stream and ensure data from the application are accurate and free from error or manipulation;
• Ensure change management procedures are standardised and followed in all IT-related system changes (maintenance, patches, etc.);
• Ensure Data Centre Best Practices.

Person Specification & Required Qualification (s)

• HND / Bachelor's Degree in Computer Science or a similar field;
• Professional Certifications - CISA (Certified Information Systems Audit), ISO27001, ITIL and ACA will be an advantage;
• Minimum of 3 – 5 years’ cognate experience in core IT, Information Security, or IT Audit roles within the financial services or capital market industry;
• Knowledge of various related standards and frameworks that include- ISACA framework, COBIT, COSO, SOX, ICFR, BASEL 1 & II;
• Ability to build strong partnerships internally and externally, communicate to a wide variety of audiences in clear, understandable language, and be a skilled facilitator of group actions.
• Demonstrable ability to build trust with stakeholders as well as  possess a high level of integrity.