IT Auditor at Zedcrest Group

Zedcrest Group is a new age, goal-driven financial services Group, with 3 subsidiaries (consumer lending, fund management and securities trading) regulated by the Central Bank of Nigeria and the Securities and Exchange Commission. We are also a Venture Capital Firm with investments in about 50 tech start-ups.

We are recruiting to fill the position below:

Job Title: IT Auditor

Location: Lagos

Job Description

• We are looking to hire an IT Auditor with an analytical mind and expertise in IT systems, applications, and infrastructure.
• IT Auditors are expected to have outstanding problem-solving skills, meticulous attention to detail, and a great understanding of cybersecurity trends.

Responsibilities

• Execution of IT Infrastructure and Cyber Security audits
• Performing Information Security Risk Assessment to develop audit plan and supporting other audit initiatives
• Conduct risk-based infrastructure audits, including cyber security coverage within a diverse technology environment, including vendor and cloud platforms.
• Prepare clear and concise audit work papers.
• Identify and document control weaknesses, draft planning memos and audit reports, and discuss pragmatic suggestions for remediation with Management.
• Participate in the quarterly issue verification process, including validating the satisfactory completion of outstanding issues raised by regulators and/or audits where required.
• Conduct continuous monitoring of technology initiatives and processes to identify areas of increasing and emerging technology risks; escalate risk issues as appropriate, follow-up on solutions and propose specific coverage.
• Execute data analytics, where appropriate, to move towards more automated testing execution within audit department.
• Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level assessments based on predefined test objectives and test plans.
• Perform retest of controls that have been remediated or updated as a result of previously identified deficiencies.
• Obtain, review, and interpret evidence provided to validate controls are performed effectively.
• Execute and report on results of IT Compliance assessments in accordance with industry best practices and established regulatory standards and requirements
• Obtain, review, and interpret organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business.
• Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.
• Identify risks associated with control failures and supports the identification of mitigating controls
• Partner with control owners to ensure control documentation is updated periodically to reflect current control environment
• Perform other tasks as necessary to ensure that the Compliance meets its commitments to customers
• Investigate security and data breaches to identify incident root causes, internal control gaps/failure points and vulnerabilities exploited; and to proffer solutions/recommendations to prevent reoccurrence and exposure to corporate liability, sanctions, and litigations.
• Carryout review of Group’s data security, threat intelligence, vulnerability management and security monitoring activities

Requirements

• Bachelor's Degree in Information / Technology / Computer Science or any relevant discipline.
• Certified Information Systems Auditor (CISA) will be an added advantage
• Expert in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits.

Application Closing Date
31st January, 2023.