We are looking for an experienced IT Auditor for an organization with regulatory role in the health and safety sector who should work with internal audit management to develop and implement a comprehensive risk based audit program. This involves managing the completion of various IT and operational audits as assigned by the Manager Internal Audit. The IT Auditor will provide guidance on compliance with regulatory and procedural IT issues, and ensure that there are adequate controls maintained over all aspects of the IT environment.

Requirements

This position requires a strong information systems auditing background, supplemented with practical experience in IT operations. It also requires a well –rounded knowledge of IT; including but not limited to networks, mainframes, telecommunications, operating systems, change management, disaster recovery, cloud computing, and security. The position requires the IT Auditor to assess risk across a wide variety of business processes, and interface with all levels of the organization.

Other essential duties include, but are not limited to:

·         Oversee the completion of risk-based IT and operational audits assigned by the MIA;

·         Evaluating IT management practices and procedures for compliance with applicable regulations company policy and industry such as COBIT;

·         Identifying and testing effectiveness of operating procedures and of internal controls embedded in systems;

·         Preparing audit work papers in accordance with professional standards and

·         Preparing written reports of completed audits and presenting results to Management;

·         Develops and maintains productive client and staff relationships through individual contacts and group meetings;

·         Pursues professional development opportunities, including external and internal training and professional association memberships, and shares information gained with co-workers;

·         Represents internal auditing on organizational project teams, at management meetings, and with external organizations;

·         Provides or assists in providing training, coaching, and guidance to internal audit staff in conducting audits and other audit-related issues;

·         Plans and executes audits of client/server technology platforms and evaluates IT internal controls and works collaboratively with management to identify actions needed;

·         Conducts data extraction, analysis, and security reviews utilizing software tools;

·         Supports audits and consulting engagements related to programming, mainframe batch and online processes, client-server architecture, Internet and intranet functionality, database extraction, technology strategy, and data communication and network security;

·         Acts as liaison with IT business partners to ensure full understanding of data flow, data integrity, and system security;

·         Assesses information technology control elements to mitigate IT risks regarding confidentiality, integrity, and availability of business information; and

·         Perform functions and any other duties as and when required audit management.

·  

· Bachelor’s degree required with a preference toward Computer Science, Information Systems, Information Security.

·         Practical IT experience helpful and may be considered in lieu of audit experience requirement.

·         Experience in auditing Systems.

·         Experience in Finance will be an added advantage.

·         Should be studying for professional certification such as CISA, CISM with CIA.

·        More than 3 years of experience in a similar role.

Must also have the following demonstrated knowledge, skills, and abilities:

·         Strong analytical skills

·         Ability to handle complex problems and multitask.

·         Excellent communication skills (verbal and written) to accurately and succinctly communicate complex ideas.

·         Ability to lead and influence others.

·         Conforms to acceptable standards of conduct as expressed in the employee handbook and the code of conduct for auditors as prescribed by the Institute of Internal Auditors and the Information Systems Audit and Control Association+.

Method of Application