Position Description

The job holder will be responsible for performing and reporting independent risk-based reviews of Information Systems and Technology processes in accordance with the audit plan. The primary function of this role is to provide assurance regarding the adequacy and effectiveness of controls spanning application systems, information security, change and incident management, service quality, data protection, logging mechanisms, and other pertinent technology risk domains. The position holder also supports strategic business initiatives by strengthening the organization’s risk and control environment and, where required, coordinating and reviewing the work of external auditors to ensure alignment with internal standards.

Requirements

Key Responsibilities

1. Technology Risk & Control Assurance

• Evaluate technology risks associated with strategic business initiatives and propose suitable mitigation strategies.
  

• Execute risk-based audits encompassing: Application controls,Information security controls,Change management processes,Incident management processes,IT operations and service quality,Data protection standards and Logging and monitoring mechanisms
  

• Conduct audits of transaction systems to assess the sufficiency of both automated and manual controls.
  

2. Audit Planning & Execution

• Contribute to the development and delivery of the annual Technology audit coverage.
  

• Ensure audit objectives, scope, procedures, and results are properly documented in alignment with internal audit methodology and technology strategy.
  

• Maintain high-quality audit working papers in accordance with internal policies and professional audit standards.
  

3. Reporting and Stakeholder Engagement

• Engage in constructive discourse with key stakeholders and management regarding audit observations.
  

• Formulate comprehensive, risk-rated audit reports delineating control deficiencies, underlying causes, systemic thematic issues, and identification of emerging trends.
  

• Monitor the timely remediation of identified audit findings and proactively collaborate with stakeholders to ensure adherence to agreed-upon deadlines, thereby preventing overdue corrective actions.
  

• Offer strategic insights about industry best practices and the evolving landscape of technology risks.
  

4. Continuous Risk Assessment & Advisory

• Execute ongoing information systems risk assessments.
  

• Serve as a subject matter expert concerning information system controls and prospective technologies.
  

• Build trusted professional relationships across the Technology, Risk, and Internal Control functions while upholding the independence of the auditing role.
  

• Provide control design input to support strategic initiatives without compromising objectivity.
  

Desired Skills and Experience

• Education: A Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or a closely related discipline is required.
  

• Professional Certification: Certification is essential. The Certified Information Systems Auditor (CISA) is highly preferred. Additional certifications such as CISSP, CRISC, COBIT, or CIA are a distinct advantage.
  

• Experience: 1–2 years of experience in IT Audit, IT Risk, or Technology Assurance is required. Experience auditing ERP, CRM, or multi-tenant platforms is considered a strong advantage.
  

Benefits

Benefits

• Competitive Remuneration
  

• Pension Scheme
  

• Medical Cover