System Audit Officer at SystemSpecs

Core Purpose of the Job:

• To ensure effective audit of all information systems including hardware, software, databases, networks, applications, electronic channels, and IT Governance.

Roles & Responsibilities:

• Facilitate the adoption of Remita by individual and corporate users.
• On a continual basis, identify, document, and offer relevant recommendations on effective management of potential events or the major risk elements that the business is exposed to. These include but are not limited to Regulatory, Operational, Legal, and Information Technology risks.
• Conduct quarterly reviews of the mitigants, processes, and internal controls designed to manage the risks.
• Recommends appropriate strategies to ensure adherence to governance structures and application of best practice internal controls.
• Treat enquiries from external parties including auditors to customers, regulatory and law enforcement agencies, etc.
• Timely response to service/support requests from the Strategic Business Units (SBUs)
• Feedback from relevant internal stakeholders on their level of satisfaction with the overall quality of his service delivery
• Regularly conduct or perform security assessments of IT systems and infrastructures.
• Plans and prepares for audit, assurance, and advisory engagements.
• Manage the requirements for and ensure successful Recertification/Surveillance of the organization’s PCI DSS, ISO 9001, and 27001 certifications
• Conduct all IT regulatory standards internal audits such as ISMS, BCMS, ITSM, PCI DSS, etc.
• Evaluate the efficiency and effectiveness of the system and other controls specifically as they relate to the management of IT risk as well as the definition, design, and execution of the company's IT initiatives.
• Develop processes to monitor technology and security risks and generally promote the development of the appropriate control-oriented environment.
• Ensure that all computerized systems comply with statutory regulations and generally accepted accounting principles.
• Encourage controls in developing information systems that will generate reports of irregularities for management and deter fraud.
• Appraise the effectiveness and independence of system program change controls, system, and security administration, monitoring and incidence response activities, and general information system controls over a variety of applications.
• Appraise the effectiveness of the architecture of web-based application systems, including communication protocols on system security and performance.
• Appraise the effectiveness of the architecture of client server-based LAN Accounts.
• Assist in fraud investigations relating to systems fraud.

Key Interfaces:

• Key customers: External & Internal Customers
• Key suppliers:
• Relations, etc:

Minimum Requirements:

• Minimum of 3 years’ experience in managing information systems / Cybersecurity / IT audit/auditing and control.

Academic Qualification:

• Bachelor’s degree

Professional Qualification:

• Any of the following professional certification will suffice: ISACA, CISM,

Competencies (Knowledge, Skills & Attributes):

• Deep knowledge of audit, assurance and advisory, governance, risk & control
• Strong knowledge of cloud computing
• High level of ethical standard and professionalism
• High analytical skills
• Reporting and forensic technique
• Healthy skepticism
• Natural inquisitiveness & critical thinking
• Persuasiveness
• Change management proficiency
• Fraud Detection and Control
• Investigation
• Information Security, Penetration Testing, and Vulnerability Management
• Knowledge of Extant Regulations
• Business Savvy
• Data Mining, IT Appreciation and Application