Internal Auditor: Cyber & Information Security, Network and Infrastructure - Ecobank



Our website is made possible by displaying online advertisements to our visitors.
Please consider supporting us by disabling your ad blocker.

Job Description: Responsibilities & Requirements


Job Purpose:

  • Carry out audits and reviews of the Cyber & Information Security, Network and Infrastructure hosted by the institution
  • Carry out other duties that may be assigned (ARRs, follow-ups etc.)
  • Independent assessment of the effectiveness of Information Systems risk management process and practices
  • Information Systems Audit Objectives 
  • Information Systems Risk reviews.
  • Provide assurance to the Board and Management on key risks and their management

JOB PRINCIPAL ACCOUNTABILITIES  (Key tasks and indicate any additional activities arising from the job)

Information Systems Auditor:

  • Carry out the periodic audit of information systems hosted by the institution and Group operations & Technology done in line with the approved Audit plan.
  • Conduct audit and risk reviews of information systems including the following:
  • UNIX AIX and Windows operating systems
  • Portable devices such as laptops, notepads, smartphones, and blackberry phones
  • Data backup/storage, security, availability, integrity, classification and retention
  • Windows Office applications including email
  • Windows domain controller
  • Assess the risk and security exposures associated with all software applications and databases used for the facilitation of banking services to the bank’s customers across all affiliates.
  • Assess risk associated with the strategic planning and management of the activities of the information technology platforms in Accra and Lagos.
  • Assess risks associated with Information Security, IT Security, business continuity and disaster recovery planning
  • Assess risks associated with data security, portable devices, windows office applications and domain controller
  • Conduct audit and risk reviews of the following Network and Communication Systems but not limited to:
  • The institution’s network and communication platforms
  • Routers
  • Firewalls
  • IDS / IPS
  • Switches
  • Voice / Data / Video
  • Conduct audit and risk reviews of Infrastructure including the following:
  • Data Centers i.e. Accra, and Lagos
  • Network and Internet Security
  • Cloud computing
  • Design / update I.S Audit programs and checklists for Networks, Communications and Infrastructure in line with international standards and new technology developments within the Group
  • Plan and execute risk-based audit of Networks, Communications and Infrastructure
  • Monitor and escalate key risk issues
  • Carry out ad-hoc reviews
  • Perform periodic IS Risk Assessments and maintain a technology risk map for institution and Group Operations & Technology 
  • Review and evaluate new technology products/services and associated risks.
  • Independent participation in the review and evaluation of projects related to various information systems. networks, communications and infrastructure
  • Share audit findings and recommendations for corrective action to the head of audit for management.
  • Issue draft report within 10 days after completion of all audit assignments.
  • Conduct training for colleagues (auditors), in order to improve the knowledge in auditing and enforcing controls in the IT systems.
  • Assist in the preparation of quarterly board papers.
  • Special Assignments and reviews.
  • Perform other tasks that may be assigned by the Head of Audit and Audit Manager, eProcess & EGH


ADVERTISEMENT

CONTINUE READING BELOW


JOB CONTEXT      

Audit Risk Reviews:

  • Conduct audit risk review of critical platforms and  the institution’s operations and issue report on findings
  • Test to see if controls are working as they should
  • Assist to provide reasonable assurance to management that risk identified are being managed.

JOB DIMENSION      

Audit Risk Reviews:

  • Provide trend analysis on key risks and recommend solutions
  • Interact with all levels of staff, giving feedback on risk and control issues identified during audit reviews
  • Provide advisory services to Functional Heads on risk and control weaknesses affecting their respective areas.
  • Escalating risk and control issues and concerns to the head of audit for management attention.
  • Assist in educating staff on risk the company is exposed to.

JOB SKILLS/EXPERIENCE          

Experience:

  • At least six (6) years of hands on database and technology application management and related fields
  • Developed a broad and deep knowledge of all operational systems and to perform periodic audits required to enhance operational efficiencies
  • Ability to review Network performance by monitoring network devices(routers and switches etc.); evaluating and providing recommendations for resolving network issues; management of network tools; and providing advisory services.
  • Ability to assess Network design and provide expert advice to network, operations, and technical support teams
  • Ability to review IT Security Framework Design and Implementation.
  • Ability to access Security Policy Design, Infrastructure Design and Analysis.
  • Ability to perform Identity Management, Firewalls Security Reviews.
  • Understanding and use of CAATs for analytics (e.g. ACL).
  • Understanding of Risk Assessment Tools and Methodology.
  • Proficiency in the use of Structured Query Language (SQL).
  • Some programming and/or advanced database skills required.
  • Knowledge of audit procedures and institution’s procedures and information technology standards.
  • Knowledge of global banking systems, and systems of controls within the banking environment.
  • The incumbent must be detail oriented with an eye for precision
  • Ability to assess network performance by developing a protocol for measurement of results and identification of problem areas.
  • Excellent written and verbal communication skills with good presentation skills
  • Strong planning and execution skills; ability to set priorities and work under pressure
  • Ability to interact and present ideas effectively to all levels of staff
  • High level of logical and analytical thinking
  • Risk-based audit techniques

Education:

  • University degree in Computer Engineering and Information Technology or related fields
  • Equivalent professional qualification in Information Systems Security and/or Audit
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional(CISSP)
  • Cisco Certify Network Associate (CCNA)
  • Cisco Certified Network Professional (CCNP) +
  • CompTIA Network++


ADVERTISEMENT

CONTINUE READING BELOW


Personal Attributes:

  • Organization
  • Discretion
  • Vigilance
  • Integrity
  • Rigour
  • Courtesy
  • Good communication skills 
  • Availability
  • Ability to work without supervision.
« Go back to the jobs list



RELATED JOBS >> CLICK A JOB BELOW TO VIEW & APPLY

DISCLAIMER

  • Do not pay any fee to any Recruiter.
  • The Recruiter may amend, delete or expire jobs at any time without notification.
  • The Recruiter reserves the right not to proceed with filling the position.
  • An application will not in itself entitle the applicant to an interview.

FIND CURRENT JOBS IN GHANA 2024 TODAY

JobSearch Ghana is your most reliable website for latest jobs in Ghana today. If you are interested in getting genuine and reviewed job vacancies in Ghana from the best companies, then you are in the right place. Browse For Graduate Jobs, Government Recruitments & More. You can find current jobs in Ghana today on LinkedIn, Glassdoor, Graphic here

TOP CAREER ARTICLES FROM EXPERTS

Job search is not an easy journey especially for jobs in Ghana 2024. That is why we have engaged experts to write seasoned articles to guide your job search in Ghana. We cover interviews, cover letters, CVs, aptitude tests, workplace life, entrepreneurship, personal finance and more. Check out our career articles page today!

Top