Equity Bank is one of the Region’s leading banks whose purpose is to transform the lives and livelihoods of the people of Africa socially and economically by availing them modern and inclusive financial services that maximize their opportunities. With a strong footprint in Kenya, Uganda, Tanzania, Rwanda, South Sudan and DRC Congo, Equity Bank is now home to over 12 million customers – the largest customer base in Africa. Currently the Bank is seeking additional talent to serve in the role outlined below.
Senior Information Systems Auditor
Reporting to the Senior Audit Manager Information Systems, the role holder will be responsible for carrying out a detailed evaluation of IT-dependent internal controls and audit review of the bank’s information systems and projects using specified methodology and in accordance with department and professional standards. The position holder will conduct IS audit engagement planning, execution and reporting working closely with IS Audit Managers.
- The role holder will actively participate in conducting risk assessments during annual planning as well as engagement planning.
- Undertake audit engagements as assigned by the IS Audit Manager and within specific time budgets and quality parameters to achieve the Internal Audit Plan.
- Carry out walkthroughs and document process gaps i.e. carry out risk assessments, develop audit programs or update existing audit programs based on the risk assessments done.
- Adopt the use of Audit Tools (ACL, TeamMate etc) and Core business systems (Finacle CB, Oracle ERP) and other relevant applications to ensure effective and efficient audits.
- Report on audit findings clearly defining the 5Cs i.e. criteria, condition, cause, consequences and corrective action.
- Appraise the soundness, adequacy, application and efficiency of IT enabled controls to mitigate business risks and make recommendations to management to mitigate the risks.
- Act as Team Leader for less complex IS engagements within specified time budget and quality parameters and work as a team member on higher complexity IS engagements.
- Ensure full adoption of Teammate from the creation of project, users, completing working papers, raising issues, sign off and review, compiling reports for discussion with audit clients as well as tracking and validation of audit issues.
- Assess how well the business complies with rules and regulations and inform management on any issues that need to be addressed.
- Prepare special audit and control reports by collecting, analyzing, and summarizing operating information and trends.
- Perform issue tracking and validation to ensure IS audit issues identified are implemented within agreed timelines.
- Prepare periodic status updates on open IS audit issues.
- Bachelor’s degree in Computer Science, Information Technology, or related field from a recognized university.
- Certified Information Systems Auditor (CISA).
- At least 4 years cumulative experience in Information Systems audit or information security from a reputable audit firm or financial institution.
- Excellent understanding of auditing concepts and practices as prescribed in the audit professional standards.
- Strong working knowledge of banking or financial business processes, risk and control environment, supporting business systems and technologies.
- Broad IT expertise with an emphasis on general IT operations, IT enterprise infrastructure and networks, cyber security, data privacy and emerging technologies such as cloud computing.
- In depth Knowledge of common IT platform (operating system, relational databases, network/mobile technologies) including Oracle database, Unix/Linux/Windows.
- Understanding of frameworks, principles, practices, and techniques related to IT operations, cyber security and project delivery e.g. ISO 27000, ISO 20000.
- Audit automation, tools and analyst skills. Experience in the use of TeamMate, SQL scripting and ACL data analytics tools is an added advantage.
- Team leadership and supervision skills with the ability to evaluate risks, articulate issues, develop consensus, raise awareness and recommend practical solutions.
- Good communication and report writing skills.
- Self-driven and ability to work under minimum supervision and demonstrate good level of maturity.
- Team player with strong interpersonal, communication and stakeholder management skills.
- Should have good analytical and problem-solving skills.