We are pleased to announce the subject career opportunity within the CEO’s Office under Internal Audit. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below.
Detailed Role Description
Reporting to the Senior Manager – Networks and M-PESA Audits the position holder will be responsible for for leading, planning, performing and documenting Cyber/IT Security reviews and advisory assignments as well as audits of Financial Services Systems in accordance with the internal audit plan. These audits shall include but not be limited to Vulnerability Assessments, Penetration testing, audits of Mobile Money systems and Pre/ Post-Implementation reviews.
The position holder will also be responsible for supporting strategic business initiatives by advocating and enhancing the risk and control environment, and when appropriate, engaging, managing and reviewing the work of external consultants/advisors.
Job Responsibilities
- Participation in the overall development and delivery of the audit plan
- Review of the mobile money systems from a technical standpoint to provide assurance on the adequacy of controls are adequate to mitigate and/or manage the technology risk to acceptable levels
- Review of security controls around key network elements (BSS, MSC, HLR/AUC, IN, NGN, GGSN/SGSN)
- Prepare deliverables/reports for senior management that include thematic issues, trends and other micro/macro level risks identified through the execution of IT audits within the Financial Services space
- Serve as an on-going subject matter expert in the area of information security controls and technologies
- Present, discuss and follow-up on audit recommendations with management
- Delivery of continuous information security assessments and penetration testing.
- Articulation of security risk exposure to various stakeholders.
- Review security control frameworks/guidelines to ensure consistent application of security controls
- Review procedures for investigating and closure of technology security incidents in line with industry best practices
- Keep abreast with the latest technology security trends and provide input to mitigate emerging threats
Qualifications
- Degree in Computer Science, IT, Business Information Systems (or related technical / business field) from a recognized university.
- 5-7 years working experience in information systems and cyber security assurance
- Demonstrated deep interest in IT Security and broad IT expertise coupled with good understanding of financial services and impacting laws and regulations
- Strong working knowledge of penetration testing tools and methodologies including but not limited to Application Security, Database Security, Web services security, Network Security, Mobile Security and VAS systems security
- Knowledge of common IT and networking technologies (operating systems, relational databases, network/mobile technologies) including Oracle or MS SQL databases, Unix / Linux / Windows etc.
- Detailed understanding of frameworks, principles, practices, and techniques related to IT Security
- Holder of Certified Information Systems Auditor (CISA) or equivalent
- Security qualification (CISSP or CISM or other information security certification)
- Experience in use of CAATs a must
- Strong relationship, communication and stakeholder management skills
- Ability to evaluate risks, articulate issues, develop consensus, raise awareness and recommend practical solutions
- Strong Written and Verbal language skills
- Ability to initiate and build effective stakeholder relationships
- The ability to work under pressure and be resilient and tenacious to get results
The post Principal Systems Auditor at Safaricom appeared first on Jobs in Kenya - http://jobwebkenya.com/.
The post Principal Systems Auditor at Safaricom is republished from Jobs – Jobs in Kenya – http://jobwebkenya.com/
