Zedcrest Group is a new age, goal-driven financial services Group, with 3 subsidiaries (consumer lending, fund management and securities trading) regulated by the Central Bank of Nigeria and the Securities and Exchange Commission. We are also a Venture Capital Firm with investments in about 50 tech start-ups.
We are recruiting to fill the position below:
Job Title: IT Auditor
Location: Lagos
Job Description
We are looking to hire an IT Auditor with an analytical mind and expertise in IT systems, applications, and infrastructure.
IT Auditors are expected to have outstanding problem-solving skills, meticulous attention to detail, and a great understanding of cybersecurity trends.
Responsibilities
Execution of IT Infrastructure and Cyber Security audits
Performing Information Security Risk Assessment to develop audit plan and supporting other audit initiatives
Conduct risk-based infrastructure audits, including cyber security coverage within a diverse technology environment, including vendor and cloud platforms.
Prepare clear and concise audit work papers.
Identify and document control weaknesses, draft planning memos and audit reports, and discuss pragmatic suggestions for remediation with Management.
Participate in the quarterly issue verification process, including validating the satisfactory completion of outstanding issues raised by regulators and/or audits where required.
Conduct continuous monitoring of technology initiatives and processes to identify areas of increasing and emerging technology risks; escalate risk issues as appropriate, follow-up on solutions and propose specific coverage.
Execute data analytics, where appropriate, to move towards more automated testing execution within audit department.
Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level assessments based on predefined test objectives and test plans.
Perform retest of controls that have been remediated or updated as a result of previously identified deficiencies.
Obtain, review, and interpret evidence provided to validate controls are performed effectively.
Execute and report on results of IT Compliance assessments in accordance with industry best practices and established regulatory standards and requirements
Obtain, review, and interpret organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business.
Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.
Identify risks associated with control failures and supports the identification of mitigating controls
Partner with control owners to ensure control documentation is updated periodically to reflect current control environment
Perform other tasks as necessary to ensure that the Compliance meets its commitments to customers
Investigate security and data breaches to identify incident root causes, internal control gaps/failure points and vulnerabilities exploited; and to proffer solutions/recommendations to prevent reoccurrence and exposure to corporate liability, sanctions, and litigations.
Carryout review of Group’s data security, threat intelligence, vulnerability management and security monitoring activities
Requirements
Bachelor's Degree in Information / Technology / Computer Science or any relevant discipline.
Certified Information Systems Auditor (CISA) will be an added advantage
Expert in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits.