Offre fiable

Senior Information System Auditor

Kenindia Assurance Company Limited

Nairobi, Kenya CDI

Publiée il y a 1 mois · Expire dans 3 semaines

Partager :

Description du poste

## Title: Senior Information Systems Auditor

About the Role

This position offers a great opportunity for career growth. You will independently plan and execute complex IT audits across infrastructure, applications, cybersecurity, and emerging technologies. This role requires strong IT audit capabilities and a solid foundation in cybersecurity to assess and enhance the organization's IT risk posture.

Job Purpose

To independently plan and execute complex IT audits across infrastructure, applications, cybersecurity, and emerging technologies, with a focus on strengthening the organization's IT risk posture.

Principal Accountabilities

  • Lead and deliver IT audits covering IT General Controls (ITGCs), application controls, cybersecurity controls, and IT operations
  • Assess compliance with the Kenya Data Protection Act (2019), Insurance Regulatory Authority ICT Guidelines, and other relevant legal or regulatory frameworks
  • Perform independent pre- and post-implementation reviews for major IT projects and system changes
  • Audit third-party service providers, outsourced IT services, and cloud-based environments, with emphasis on cybersecurity, data protection, and regulatory compliance
  • Lead the development of the IT audit risk universe and contribute to the annual audit plan
  • Identify and assess IT and cybersecurity risks, and recommend practical improvements aligned to frameworks such as COBIT, NIST, ISO 27001, and ITIL
  • Stay informed on emerging IT risks, regulatory developments, and technology trends
  • Prepare and present high-quality audit reports, including findings and actionable recommendations, to senior management and governance bodies

Minimum Qualifications

  • Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field
  • 6–8 years of experience in IT auditing or a combination of IT audit and technical roles
  • Hands-on experience performing cybersecurity audits, including assessment of security controls, policies, and governance practices

Required Certifications

  • CISA (Certified Information Systems Auditor)
  • One cybersecurity certification: CISSP, CISM, or CRISC
  • Active membership in professional bodies such as ISACA or IIA

Ce poste vous intéresse ?

Se connecter pour voir l'email

Pas encore inscrit ? Créer un compte gratuit