Internal Auditor: Cyber & Information Security, Network and Infrastructure at Ecobank Transnational Incorporated
We have the largest Job seeker visits by alexa rankings. Post a Job
- Company: Ecobank Transnational Incorporated
- Location: Ghana
- State: Ghana
- Job type: Full-Time
- Job category: Banking Jobs in Ghana - IT/Telecom Jobs in Ghana
No views yet
Cyber & Information Security, Network and InfrastructureFunction Cyber & Information Security, Network and Infrastructure AuditSub Function Report to: (1)Head, Internal Audit (Ecobank Ghana)Manager, Internal Audit (eProcess , EGH & AWA)II. JOB PURPOSE
- Carry out audits and reviews of the Cyber & Information Security, Network and Infrastructure hosted by the institution
- Carry out other duties that may be assigned (ARRs, follow-ups etc.)
- Independent assessment of the effectiveness of Information Systems risk management process and practices
Information Systems Audit Objectives
- Information Systems Risk reviews.
- Provide assurance to the Board and Management on key risks and their management
III. JOB PRINCIPAL ACCOUNTABILITIES (Key tasks and indicate any additional activities arising from the job)INFORMATION SYSTEMS AUDITOR
- Carry out the periodic audit of information systems hosted by the institution and Group operations & Technology done in line with the approved Audit plan.
- Conduct audit and risk reviews of information systems including the following:
- UNIX AIX and Windows operating systems
- Portable devices such as laptops, notepads, smart phones, blackberry phones
- Data backup / storage, security, availability, integrity, classification and retention
- Windows Office applications including email
- Windows domain controller
- Assess the risk and security exposures associated with all software applications and databases used for the facilitation of banking services to the bank’s customers across all affiliates.
- Assess risk associated with the strategic planning and management of the activities of the information technology platforms in Accra and Lagos.
- Assess risks associated with Information Security, IT Security, business continuity and disaster recovery planning
- Assess risks associated with data security, portable devices, windows office applications and domain controller
- Conduct audit and risk reviews of the following Network and Communication Systems but not limited to:
- The institution’s network and communication platforms
- IDS / IPS
- Voice / Data / Video
- Conduct audit and risk reviews of Infrastructure including the following:
- Data Centers i.e. Accra, and Lagos
- Network and Internet Security
- Cloud computing
- Design / update I.S Audit programs and checklists for Networks, Communications and Infrastructure in line with international standards and new technology developments within the Group
- Plan and execute risk-based audit of Networks, Communications and Infrastructure
- Monitor and escalate key risk issues
- Carry out ad-hoc reviews
- Perform periodic IS Risk Assessments and maintain a technology risk map for institution and Group Operations & Technology
- Review and evaluate new technology products / services and associated risks.
- Independent participation in the review and evaluation of projects related to various information systems. networks, communications and infrastructure
- Share audit findings and recommendations for corrective action to the head of audit for management.
- Issue draft report within 10 days after completion of all audit assignments.
- Conduct training for colleagues (auditors), in order to improve the knowledge in auditing and enforcing controls in the IT systems.
- Assist in the preparation of quarterly board papers.
- Special Assignments and reviews.
- Perform other tasks that may be assigned by the Head of Audit and Audit Manager, eProcess & EGH
IV. JOB CONTEXT AUDIT RISK REVIEWS:
- Conduct audit risk review of critical platforms and the institution’s operations and issue report on findings
- Test to see if controls are working as they should
- Assist to provide reasonable assurance to management that risk identified are being managed.
V. JOB DIMENSION AUDIT RISK REVEWS:
- Provide trend analysis on key risks and recommend solutions
- Interact with all levels of staff, giving feedback on risk and control issues identified during audit reviews
- Provide advisory services to Functional Heads on risk and control weaknesses affecting their respective areas.
- Escalating risk and control issues and concerns to the head of audit for management attention.
- Assist in educating staff on risk the company is exposed to.
ExperienceVI. JOB SKILLS/EXPERIENCE
- At least six (6) years of hands on database and technology application management and related fields
- Developed a broad and deep knowledge of all operational systems and to perform periodic audits required to enhance operational efficiencies
- Ability to review Network performance by monitoring network devices(routers and switches etc.); evaluating and providing recommendations for resolving network issues; management of network tools; and providing advisory services.
- Ability to assess Network design and provide expert advice to network, operations, and technical support teams
- Ability to review IT Security Framework Design and Implementation.
- Ability to access Security Policy Design, Infrastructure Design and Analysis.
- Ability to perform Identity Management, Firewalls Security Reviews.
- Understanding and use of CAATs for analytics (e.g. ACL).
- Understanding of Risk Assessment Tools and Methodology.
- Proficiency in the use of Structured Query Language (SQL).
- Some programming and/or advanced database skills required.
- Knowledge of audit procedures and institution’s procedures and information technology standards.
- Knowledge of global banking systems, and system of controls within the banking environment.
- The incumbent must be detail oriented with an eye for precision
- Ability to assess network performance by developing a protocol for measurement of results and identification of problem areas.
- Excellent written and verbal communication skills with good presentation skills
- Strong planning and execution skills; ability to set priorities and work under pressure
- Ability to interact and present ideas effectively to all levels of staff
- High level of logical and analytical thinking
- Risk based audit techniques
- University degree in Computer Engineering and Information Technology or related fields
- Equivalent professional qualification in Information Systems Security and/or Audit
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional(CISSP)
- Cisco Certify Network Associate (CCNA)
- Cisco Certified Network Professional (CCNP) +
- CompTIA Network++
Method of ApplicationSubmit your CV and Application on Company Website : Click Here
Closing Date : 28th June, 2023