National Bank – A Subsidiary of KCB Group Plc.
Job Ref No. HR/031/2020
Position Title: Audit Manager, ICT Assurance
Available position: 1
Division: Internal Audit
Reporting to: Head ICT Audits
Position scope: The overall responsibility of the job holder will be to plan and carry out audit assignments aimed at providing assurance of information and cyber security to senior management.
He / She will be required to ascertain the extent of compliance with documented policies, procedures and regulations and provide assurance to Management that IS processes are functioning effectively as required.
He/She will be required to facilitate good practice in giving assurance on risk management, controls and governance processes.
- Plan and complete audit assignments involving Information and security assurance in consultation with Head ICT Audits according to approved audit plan within the defined timelines.
- Participate and contribute in the risk assessment process for ICT Assurance in the Bank and document the results.
- Participate in the development of risk based audit plans detailing the scope, nature and timing of audit activities.
- Review the systems established to assess compliance with policies, plans, procedures, laws, and regulations which could have a significant impact on security and report on the assurance and compliance levels.
- Monitor and evaluate effectiveness of the ICT risk management system in place and assist as a liaison person in conducting investigations when called upon.
- Develop in consultation with the Head of ICT Audits appropriate audit tests and programs aimed at efficiently and effectively checking ICT Assurance levels.
- Stakeholder engagement; agree on issues picked during audit activity and submission of a draft report on audit findings by highlighting levels of compliance with key controls, procedures and management policies and regulatory requirements among others.
- Ensure clarity in documentation of issues raised, their impact on business and quality management actions to mitigate the risks.
- Continuously monitor assurance on ICT security and cyber compliance through stakeholder engagement, monitoring of trends and developments and report on the results at agreed intervals or on ad hoc basis as may be required.
- Follow up of audit issue action plans as per stakeholder engagement agreements and track to completion within agreed timelines.
- Follow up recommendations and issue action plans logged from previous audits to ensure their timely closure.
- Continuous review of ICT Assurance audit plan and provide technical expertise to business on controls of existing and incoming ICT Infrastructure and systems, including major projects while maintaining professional independence.
- To support audits of other staff by sharing expertise with members supporting ICT assurance.
- Maintain proactive approach to risk assessment through market intelligence, continuous engagements with stakeholders to understand business dynamics and through data analytics.
- Escalate in a timely manner delays the execution of audit work to Management.
- Perform other related duties that may be assigned from time to time by Management.
- Execution of audit assignments within allocated timelines.
- Timely submission of draft report summaries.
- Quality of recommendations and closure rate of audit actions and issues.
- Satisfactory results of periodic client surveys and external peer reviews.
- Completion of annual audit plan.
- Achievement of agreed performance targets.
- Annual risk assessment report on assigned areas
Skills & Experience:
- A Bachelor’s Degree in Computer Science, IT or Engineering in a recognised University.
- CISA professional certification.
- ACCA/CPA / related accounting professional certification are preferred.
- Membership of IIA/ISACA in good standing is preferred.
- CISM – an added advantage.
- Five (5) years’ experience in an internal audit/ ICT related environment in the financial sector or audit firms with at least two years in the information/cyber security field.
- Understanding of information and cyber security risk management, processes and associated control requirements.
- Innovation; able to keep up with trends of meeting the demands of internal and external customers and controls thereof.
- Collaboration; forms business partnerships that help drive the Bank’s assurance agenda.
- Multi-tasking; able to manage several concurrent audit assignments and prioritise demands.
- Flexibility and adaptability; ability to keep pace with latest trends in addition to new audit requirements.
- Excellent communication skills; strong and confident, articulate in communicating to both internal and external stakeholders.
- Analytical; capable of managing numerous information sources and providing data analysis reports to senior management.
- Professional Independence; exercise objectivity, competence, discretion and courage to raise and escalate matters where applicable.
- High level computer literacy.
- Proficiency in Accounting and auditing practice.
- Conversant with The Banking Act, Prudential Guidelines, International Accounting and Auditing Standards among other relevant regulatory requirements.
- Proactive and Agile
How to Apply:
If you believe you meet the criteria given above, please log to the link provided and submit your application with a detailed CV addressed to the Director Human Resources by Friday, 3rd April 2020.
Please note that applications received after the deadline will not be considered.
Only shortlisted candidates will be contacted for the next stage/s of the recruitment and selection process.
National Bank of Kenya is an Equal Opportunity Employer