Senior Lead - Technology Audit.Internal Audit and Fraud Management at MTN Nigeria

Reports To: Manager Technology Audit

Division: Internal Audit & Forensic Services

Mission:

Manage or conduct Technology, IT Security and Network Audit projects and consulting services relating to governance and risk identification for both MTN management and staff in order to review the goals, objectives and impact of a variety of economic, financial, operational and managerial programs in conformance with company policy and procedures, Group Internal Audit methodologies and IIA standards of professional practice.

Description:

• Create a holistic picture of each project to provide context for the findings, and implement procedures as required to perform Technology, Security, and Networks audits
• Manage expertise and resource planning and requirements for Technology, Security and Networks Audit assignments, special assignments, and management requests
• Manage the audit assignments’ progress and escalate any roadblocks to completion to the Senior Manager for intervention and resolution
• Ensure that IA methodology as prescribed by Group Internal Audit is strictly adhered to, including identifying and defining issues, developing criteria, reviewing and analysing evidence, and documenting Technology, Security and Networks processes and procedures
• Oversee and manage the work of the audit staff in conducting interviews, reviewing documents, developing and administering audit surveys, composing summary memos, and preparing working papers or audit operations
• Implement the audit program, recognise control weaknesses, assess the materiality of these weaknesses, and relate them back to the scope and objectives of the audit
• Review the audit programs to ensure the appropriate testing mechanisms
• Review and manage the work of the audit staff in identification, development, and documentation of audit issues and recommendations for improvement, as guided by Senior Manager Technology, Security and Networks
• Develop recommendations for bringing programs and operations into compliance with goals and objectives and write up reports to document findings
• Communicate the results, findings and recommendations of audit projects through written reports and face-to-face presentations on a timely basis to the Senior Manager: Financial and Operational Audit
• Ensure that the audit is carried out on the eGRC system in line with process and methodology as mandated by the Group Internal Audit and Forensics function
• Follow up on the implementation of audit recommendations in a timely manner
• Perform control adequacy and effectiveness reviews of business processes
• Interact with staff, Audit Managers, General Managers, BRM consultants, and when necessary, with Executive Management to obtain and/or communicate relevant information to achieve the objective/s of the Technology, Security and Networks Audit function
• Maintain all MTN and professional ethical standards and ensure internal audit activities are carried out in compliance with The International Standards for the Professional Practice of Internal Auditing (Standards) and IIA Code of Ethics
• Support the Senior Manager: Technology, Security and Networks in coordinating with the External Auditors where needed and facilitate their fieldwork within MTN
• Report on an ad-hoc basis on specific projects as and when necessary
• Oversee and coordinate all technical activities, the activities of direct reports and ensure all transaction and administrative documentation is recorded and available for business use.
• Continuously seek self-professional development to sharpen skills and capabilities in a versatile and evolving digital landscape.  

Education:

• First degree in a numerate discipline (Preferably BSc Electrical/ Electronics, Computer Engineering, Telecommunications, or Computer Science with strong predilection for engineering; or in any Systems oriented discipline)
• Fluent in English
• MSc or MBA in relevant field will be an added advantage

Certification:

• Certifications related to Auditing - Certified Information Systems Auditor (CISA) is required
• Certifications related to Cloud, Cyber or Technology Operations, such as Cloud provider certifications, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)
• COBIT, CRISC, ISO 27001 LA, ITIL will be an added advantage

Experience:

3-7 years’ experience which includes;

• Minimum of 3 years’ experience in an area of specialisation; with experience in supervising others
• Experience working in a large organization
• Experience in internal audit function (with focus on Systems Audit) in a Systems/ IT/ Telecomm environment
• Worked across diverse cultures and geographies advantageous
• Knowledge of IT audit management 
• Project management
• Knowledge of data science and analytics is vital
• Information technology experience such as operations, software delivery, access management, microservices, cloud infrastructure, Artificial intelligence etc
• Information security experience such as application security, network security, cybersecurity, data protection etc
• Knowledge of technical infrastructure, operating systems, networks, databases, GSM networks, firewalls and systems
• Understanding of commonly used internal control frameworks, including COBIT, ISO 27001, ISO 20000, ISO 22301, NIST Cybersecurity Framework, ITIL, etc