Head, IT Audit at Pishon and Brooks Advisory Services

Pishon and Brooks Advisory Services is a Professional Services firm that support our clients by managing their end-to-end HR Processes in order to enhance their productivity. At PBAS, we have the expertise to connect and manage every business process within the employee lifecycle.

We are recruiting to fill the position below:

Job Title: Head, IT Audit

Location: Lagos
Job type: Full-time

Job Objectives

• To provide independent assurance to management on IT General Controls.
• Ensure best assurance practice in the plan and execution of IS Audit Programs.
• Ensure enterprise wide compliance of business processes and operations to internal policies, procedures and documentations.
• Incorporation of standard practices, principles and processes into audit programs and execution.
• Review of risk related control issues and draft appriopriate remediation plans.
• Understand the business environment and develop relationships with audit client in providing value added solutions and best practices implementation.
• Ensures the effectiveness of IT governance, cybersecurity, system controls, data integrity, and regulatory compliance in line with financial services and fintech regulatory requirements.

Duties and Responsibilities

• Audit Review of Database Management Systems, Enterprise Network security and Device configuration, Antivirus, Systems Patches and Log Management.
• Audit Review of Software Development Life Cycle, Project Management Implementation and Change Management Procedures.
• Develop and execute a risk-based IT audit strategy aligned with the company’s FinTech operating model and regulatory landscape.
• Audit Review of Data Encryption Processes, Key Encryption/ Key Management Lifecycle, and Operating Systems, physical and logical security of card holder environment.
• Audit Review of Active Directory, Operating Systems, Data Bases, Systems’ Logs, Soc, Transaction monitoring and backup & tape management.
• Ensure IT audit coverage aligns with financial services regulations, including data protection, cybersecurity, and technology risk requirements.
• Assess systems and general IT controls and provide practical and Value-added remediation plans.
• Prepare audit reports that summarize the most significant control weaknesses and resulting impact to the organization.
• Provide strategic advisory support on emerging technology risks, digital transformation initiatives, and new product launches.
• Participate in multiple and simultaneous risk assessment.
• Evaluate general IT controls (GITCs) including access management, change management, system development life cycle (SDLC), and IT operations.
• Contribute to internal departmental initiatives such as training, departmental development initiatives and other internal projects as requested.
• Effectively discuss audit issues and develop business focused controls recommendations to strengthen control lapses and weaknesses-based audit while maintaining departmental quality standards. Function as part of a team or work independently when requires.

Requirements
Educational Qualification:

• Bachelor’s Degree in Information Technology, Computer Science, or Related field.
• Other: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or related professional certifications would be an added advantage.

Experience:

• Minimum of 10 years’ experience in IT Auditing or a similar role.
• Understanding of the key technology and general controls around enterprise. Applications and information systems.
• Strong experience auditing cloud environments, digital platforms, cybersecurity, and third-party vendors.

Knowledge:

• Knowledge of Systems and General IT Controls.
• Analytical skills to access Operational and Compliance Requirements of Application systems and infrastructure.
• Strong Data Analysis and experience with Computer Assisted Auditing Techniques.

Skill / Competencies:

• Deep understanding of fintech systems, digital payments, APIs, cloud infrastructure, and cybersecurity risks.
• Strong knowledge of IT control frameworks (e.g., COBIT, ISO 27001, NIST, NDPA).
• Excellent stakeholder management, communication, and presentation skills.
• High integrity, independence, and sound professional judgment.

Application Closing Date
Not Specified.

How to Apply
Interested and qualified candidates should:
Click here to apply online