Audit Manager – Information Systems Audits at Equity Bank Kenya

Job Purpose:

Our purpose is transforming lives, giving dignity, and expanding opportunities for wealth creation.

The Audit Manager – Information Systems Audits is responsible for conducting comprehensive audits and assessments of information technology (IT) systems, processes, and controls across the Group. This role plays a critical part in evaluating the effectiveness of IT controls, identifying risks, and providing recommendations for improvement to ensure compliance with relevant regulations and industry standards.

Reports to Senior Manager – Information Systems Audits

Job Responsibilities:

 IT Audit Planning and Execution:

• Participate in the development and execution of the annual IT audit plan.
• Conduct IT audits across various business units and subsidiaries, focusing on areas such as application controls, data integrity, change management, IT operations, and business continuity / disaster recovery controls.
• Evaluate the design and operating effectiveness of IT controls, ensuring alignment with industry best practices and regulatory requirements.
• Perform technical testing and analysis, including data analytics.
• Collaborate with other audit teams to deliver integrated audits and advisory assignments.

Audit Reporting and Documentation:

• Prepare comprehensive audit reports detailing findings, risks, and recommendations for remediation.
• Document audit procedures, evidence, and working papers in accordance with established standards and methodologies.
• Collaborate with IT teams and business stakeholders to validate findings and ensure accurate reporting.

Risk Assessment and Advisory:

• Analyze and evaluate the potential impact of identified risks on the organization's IT systems, operations, and overall risk posture.
• Provide practical recommendations to mitigate risks and enhance the effectiveness of IT controls.
• Assist in the development and implementation of remediation plans, as necessary.
• Contribute to IT advisory projects and assessments, providing subject matter expertise and guidance.

Continuous Learning and Development:

• Stay updated with emerging IT risks, regulatory changes, and industry best practices related to IT auditing.
• Participate in training and professional development opportunities to enhance technical and auditing skills.
• Contribute to the improvement of audit methodologies and procedures within the team.

Stakeholder Management:

• Collaborate effectively with IT teams, business units, and relevant stakeholders during audit engagements.
• Foster positive relationships and maintain open communication channels to facilitate the audit process.
• Provide guidance and support to junior auditors and team members as needed.

Qualifications

• Bachelor’s degree in computer science, information technology, cybersecurity, or a related field from a recognized university.
• Professional certifications such as CISA, CISSP, or equivalent IT auditing certifications.
• Minimum of 5 years of experience in IT auditing, IT risk management, or related roles preferably within the financial services industry.

Competencies:

• Proficient in conducting reviews of IT General Controls, IT Application Controls, IT Projects Assurance.
• Proficient in the use of auditing tools, techniques, and methodologies, including data analytics and automated testing.
• Proficient in conducting reviews of IT General Controls, IT Application Controls, Information Risk Management, IT Projects Assurance and related areas.
• Familiarity with IT frameworks, standards, and regulations (e.g., COBIT, ITIL, ISO 27001).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication skills, both written and verbal, for effective reporting and stakeholder management.
• Ability to work in a team environment and collaborate with cross-functional stakeholders.
• Willingness to travel domestically and internationally as required.
• Results orientation
• High integrity and strength of character