Wednesday, 15 July 2020

Manager – Information Security at Kenya Revenue Authority

Job Purpose

The job holder is responsible for the review of the Authority’s Information System security, Infrastructure security, policies and procedures related to security to ensure technology in place and system controls are adequate to meet business objectives and customer needs.

Key Responsibilities / Duties / Tasks

Managerial / Supervisory Responsibilities

  • Development and execution of a comprehensive audit plan based upon risk assessment, management’s goals and objectives, and the requirements of the Board Audit Committee.
  • Provide professional audit services as the Manager in conducting reviews of assigned organizational activities in accordance with Standards for the Professional Practice of Internal Audit, and department standards.
  • Perform Corporate Information System (IS) audits designed to provide assessment of internal control processes and operational performance, in accordance with department and professional standards.
  • Reviews of internal controls and security of existing systems, under development, new information systems and system changes on existing systems as well as major IT projects and initiatives
  • Prepares under minimal supervision audit reports designed to provide assurance to management and the Audit Committee of the Board of Directors with an objective assessment of systems, processes and operations, and management’s planned corrective actions.
  • Perform or assist in the performance of special projects or studies, including risk assessments, fraud investigations, audit department policy updates etc.
  • Identify skills gaps including completing performance appraisals, personal development, succession plans, mentor and coach staff and on time in accordance with the established performance management system
  • Provide advisory/consultancy support across the Authority
  • Carry out ad hoc special assignments and investigations

Operational Responsibilities / Tasks

  • Manages staff within the Information Systems unit with regards to task allocation and supervision
  • Provide work instructions and assist employees with difficult and/or unusual assignments, encourage innovation, achievement of goals and foster team work through resolution of problems and mediates conflicts during operations
  • Review scope of audits, allocation of resources, deadlines and terms of reference for each review for respective units within the Information Systems division
  • Review audit working papers and draft audit reports
  • Prepare unit annual budgets and monitor their implementation.
  • Ensure completeness of audit workings in Audit management system (Teammate) for accuracy, completeness and quality
  • Assist in development of the Departmental risk register.
  • Provide advisory/consultancy support across the Authority.
  • Act as a primary client liaison with Kenya National Audit Office (OAG) on unit audit queries.

Job Dimensions:

Financial Responsibility:

  • Development of Unit’s Budget.
  • Unit’s expenditure recommendation.
  • Responsibility for Physical Assets
  • Responsible for physical assets assigned by the institution.
  • Provides oversight for the physical assets assigned to the Information SecurityUnit.

Decision Making:

  • Makes decisions using standard operating procedures.
  • Plan the work of subordinates.
  • Assign work to subordinates.
  • Monitor subordinates work performance.
  • Appraise/evaluate subordinates performance.

Working Conditions:

  • Works predominantly within the office.

Job Competencies (Knowledge, Experience and Attributes / Skills).

Academic Qualifications

  • Bachelor’s Degree in  Information Technology, Computer Science, Business Information Technology,  Mathematics and Computers, Finance, Accounting, Business

Professional Qualifications / Membership to professional bodies

  • Certification as a Certified Information Systems Auditor (CISA)
  • Certified Internal Auditor (CIA)
  • Certifications specific to the information technology industry such as a Certified Network Engineer, Certified Security Professional, or other relevant certifications will be an added advantage,
  • Membership of  ISACA or IIA

Previous relevant work experience required.

  • A minimum of five (5) years operational IT audit experience in an environment that provides exposure to sophisticated information systems audit techniques, network security, technology infrastructure, software development, project management, or a related field of which two (2) years should be at the First level management.
  • Understanding of concepts related to information systems audit, including security and control risks such as logical and physical access security, change management, information security, business recovery practices and network technology.
  • Demonstrate and apply a thorough understanding of complex information systems
  • Knowledge of Control Objectives for Information and Related Technology, Accepted Auditing Standards, Standards for the Professional Practice of Internal Auditing.

Need to know: 

Attributes:

  • Strategic leadership
  • Data analytical skills
  • Critical thinking
  • Technology savvy
  • High level of integrity.
  • Ability to understand business processes and good awareness of functional relationships of Departments within the Authority.
  • Ability to apply audit standards through practical application.
  • Understanding and ability to apply risk and control concepts.
  • Management and supervisory skills.
  • Planning and organizational skills.
  • Problem solving and analytical skills.
  • Oral and written communication skills.
  • Excellent relationship management skills.

The post Manager – Information Security at Kenya Revenue Authority appeared first on Jobs in Kenya - http://jobwebkenya.com/.



The post Manager – Information Security at Kenya Revenue Authority is republished from Jobs – Jobs in Kenya – http://jobwebkenya.com/