Information Systems Auditor
Jobs at:KCB Bank Kenya
Deadline of this Job:
22 April 2022
Date Posted: Tuesday, April 12, 2022 , Base Salary: Not Disclosed
The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.
Reporting to the Head, Information Systems Audit, the Information Systems Auditor will give objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.
• Contribute to conducting cyber risk assessment for assigned audit assignments
• Perform IT general and IT application control reviews on information systems to give assurance on effectiveness and efficiency of control environment, and compliance to KCB Group policies and Central Bank of Kenya (CBK) Prudential guidelines.
• Perform independent threat and vulnerability assessment tests and report on cyber risks and controls of the ICT systems within the bank and other related third-party connections.
• Conduct comprehensive penetration tests of the bank’s web-based applications, mobile applications, networks, and ICT systems to assess the effectiveness of the cybersecurity framework implemented by the bank.
• Documents the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
• Share knowledge, skills, and experience with team members.
• Perform other related duties as assigned.
For the above position, the successful applicant should meet the following criteria:
• Bachelor's Degree in a Computer Science, Information Technology, Electrical Engineering, or a Related field from a university recognized by Commission for University Education.
• Must Possess CISA, CISM or CISSP or a related information systems audit certification.
• Must Possess CEH/LPT/OSCP/CCIE Security/CSX Practitioner or a related penetration testing certification.
• Master's degree is an added advantage
• A minimum 5 years' experience covering 2 years in Information System Audit and 3 years in performing cyber security reviews, vulnerability assessments and penetration tests.
• Proficiency in using penetration testing tools e.g., Kali Linux, Nessus, Nipper, Burp suite, Metasploit framework, Wireshark, Acunetix, Netsparker, Mobsf, Frida, Objection etc.
• Proficiency in performing web application and mobile application security assessments.
• Proficiency in the use of audit management software e.g., TeamMate.
• Excellent Customer Service and strong Business Analytical skills.
• Demonstrated leadership ability with initiative & self-drive.
• Superior communication and inter-personal skills, including report writing.
• Effective planning, organizing and problem-solving skills.
Work Hours: 8
Experience in Months: 24
Level of Education: Bachelor Degree
Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.