As a market leader, we are dedicated towards creating and achieving excellence and the only way we can do it is through our people. Together, we share a common set of values rooted in integrity, excellence and a strong team ethic. We therefore provide you with a superior foundation for building a professional career – a place for people to learn, to achieve and to grow. Here is one such opportunity for you to explore.

This is a high visibility role which provides the successful candidate with an opportunity to contribute to the organization’s control environment and exposure to many business areas. The successful candidate will also have an ideal opportunity to be an integral part of the organization and to really make a difference.

Reporting to the Chief Internal Auditor, the Information Systems (IS) auditor is responsible for execution of internal audits covering all aspects of business process; assessing risks on information systems, business operations and evaluating internal controls to provide an independent appraisal of internal control environment across the Group. It is expected that this position will include responsibility for the execution of complex projects in accordance with the audit plan. The focus will be on information systems, operational processes, credit and departmental audits.

The Role

Specifically, the successful jobholder will be required to:

• Utilize extensive understanding of business activities to recommend scope and objectives of assigned audits, execute audit procedures, perform detailed analyses, reach sound conclusions, and document results for assigned audit activities.
• Participate in the execution of multiple audit projects to achieve the scope, timing, and objectives of each assignment while ensuring applicable regulatory guidance is included in the scope for assigned audits where applicable.
• Proactively identify risks, evaluate controls and make recommendations to improve internal control, operational effectiveness and efficiency.
• Analyze and verify transactions and representations as well as performing review of test work completed by assigned staff.
• Prepare excellent work paper documentation ensuring quality of such documentation in accordance with professional standards, as well as establishing departmental standards and deadlines.
• Recommend departmental improvements to automate procedures, methods, and standards to improve departmental efficiency, productivity and quality.
• Prepare clear and concise recommendations for correction of unsatisfactory conditions, improvements in operations, reductions in cost and effectively gain concurrence and support for recommended control improvements.
• Facilitate the communication of audit results and special projects via written reports and oral presentations to management.
• Assist in the annual risk assessment process and generation of annual audit plan.
• Identify and analyze level of threat and potential risk to the organization’s information assets
• Ensure that access to electronically stored corporate information is adequately protected and managed appropriate to the risks
• Test adequacy and effectiveness of control measures on information systems, operational processes, credit, department operations and recommend corrective measures to be undertaken in areas of weakness.
• Perform special audits as and when called upon and make maximum use of Computer Assisted Audit tools e.g. Teammate, ACL, SQL Developer etc.
• Assist in training/mentoring of staff and develop and maintain the skills, knowledge and expertise to make valuable contributions to the internal audit team.
• Perform independent threat and vulnerability assessment tests and report on cyber risks and controls of the ICT systems within the bank and other related third-party connections.
• Conduct comprehensive penetration tests on the bank’s web-based applications, mobile applications, networks, and ICT systems to assess the effectiveness of the cyber security framework implemented by the bank.

Skills, Competencies and Experience

The successful candidate will be required to have the following skills and competencies:

• Bachelor’s degree in Information Systems or Computer Science from a recognized university. Possession of an MSc or other relevant postgraduate qualification will be an added advantage.
• Professional certification in IT Audit, Risk and Security e.g. CISM, CISSP, CISA, CRISC
• Excellent understanding of auditing concepts and practices with a minimum of 3 years experience in a management role in IT and operations or IT and operation audit.
• Skilled in project management and maintaining composure under pressure while meeting multiple deadlines.
• Demonstrable knowledge in risk assessment and control concepts/methodologies.
• Skilled in negotiation and conflict management to resolve problems that may arise during an audit.
• Excellent oral and written skills; a strong verbal communicator, analytical writer and able to clearly and concisely convey personal observations of processes, risks and controls.
• Excellent analytical ability both qualitative and quantitative to draw sound conclusions coupled with demonstrated knowledge and proper application of sampling techniques.
• Excellent attention to detail and organizational skills.

How to apply

If you fit the profile, then apply today! Please forward your application enclosing detailed Curriculum Vitae to jobs@co-opbank.co.ke indicating the job reference number IA/FSD/2023 by 19^th January 2024.

We are an equal-opportunity employer.