Job Location: Kampala, Uganda
Employer: DFCU Bank
DFCU Bank would like to recruit a Senior Audit Manager-Information Technology. Reporting to the Head of Internal Audit, the Senior Audit Manager-IT will be responsible for leading IT audits that provide reliable, valuable and independent assurance to the Board and management on the effectiveness of the IT general controls, IT processes, governance and other Information Technology and digital frameworks and applications within the bank.
Duties and responsibilities
- Lead and execute information technology audits encompassing the areas of IT general controls, application controls, IT processes, project management and data integrity audit projects. Execute initiatives within the bank, utilizing information technology frameworks, and other relevant regulatory guidance where applicable;
- Stay abreast of industry IT trends to identify potential issues and risks, as well as relevant best practices, laws, rules and regulations impacting financial institutions and ensuring that the changes are incorporated into the audit planning and risk assessment process;
- Execute high value IT audits, identify risks, assess mitigating controls, determine “root causes” and make value-add recommendations to improve the control environment through well-developed audit reports;
- Leverage knowledge of systems and data and document all reviews in a manner consistent with acceptable professional standards, including supporting audit procedures, findings and results;
- Follow-up on open audit issues and their resolution, review evidence of closure of findings and determine that evidence of remediation is appropriate to effectively mitigate the risks raised;
- Provide an independent view of risk management and internal controls practices within the bank and provide technical advisory to management on the assessment of IT risks and controls related to the bank’s business operations;
- Provide leadership and supervision of all IT related audits and assurance reviews within the bank in compliance with the audit methodology and professional standards such as IIA and ISACA;
- Execute audit planning, fieldwork, and reporting for information technology, information security, system and integrated audit engagements;
- Prepare the Quarterly Management Information Systems reports for the Board audit committee;
- Prepare audit reports highlighting the most significant control weaknesses and resulting impacts to the bank.
- Engage with Project Managers and Executive Sponsors of strategic business projects to identify areas of advisory and assurance review services;
- Carry out advisory reviews for major IT-related systems, projects, and innovations in order to minimize risk and enable achievement of the Bank’s strategic goals;
- Perform special projects as assigned by the Head of Internal Audit or Audit Committee such as information security reviews and IT fraud investigations;
- Develop strategies and innovative ways to improve the department’s ability to identify enterprise risks within IT and develop audit procedures that help ensure these risks are appropriately managed;
- Mentor and coach team members and support them to develop their capabilities and provide technical guidance and support during execution of audit assignments; and
- Mitigate the risk of financial loss by ensuring that IT assurance reviews cover assessment of budget performance of project costs against approved budget. Make recommendations to minimize exceptions.
Qualifications and experience
- Bachelor’s Degree in Computer Science/Information Technology/Management Information Systems, Finance, Accounting or related discipline.
- Technical professional certification required (CISA, CISSP, CISM, CRISC or MS SQL Server);
- At least 5 years’ experience in a senior IT management or IT Audit function within COBIT/CISSP/ITIL or related experience;
- Advanced understanding of concepts related to information technology risk and control, including logical and physical security, system development lifecycle, change management, IT operations, business continuity management and network technologies;
- Strong knowledge of relevant industry IT frameworks and core banking systems, as well as knowledge of the banking laws and regulations;
- Experience analysing data and coding with specialized tools (MS SQL Server, IDEA, ACL);
- Proficiency with Microsoft Office applications, including Word, Excel, Access, and PowerPoint;
- Working knowledge in the areas of financial applications, Windows operating systems, application development lifecycle, data center operations, network security audits, internet and related technologies, general network technologies, ERP Systems, databases;
- Strategic thinker with good analytical and problem-solving skills; and
- Strong project management and stakeholder management skills.
Interested persons should submit their CV and a cover letter to email@example.com by not later than 26 March 2021. Only shortlisted candidates will be contacted