Information Systems Auditor at Co-operative Bank of Kenya

• Conduct special audits as required, leveraging on Computer-Assisted Audit Tools (CAATs) such as, Python, ACL, and SQL Developer to efficiently extract, transform, and analyze large volumes of data
• Identify opportunities to automate audit procedures and develop scripts to enhance Robotic Process Automation (RPA) for improved efficiency and accuracy.
• Design, implement, and maintain data analytics models and scripts to support continuous auditing and monitoring activities.
• Collaborate closely with audit teams to understand specific audit requirements and translate them into effective data analytics and automation solutions
• Conduct comprehensive penetration tests on the bank’s web, mobile banking, and other operational applications, networks, and ICT systems to evaluate the effectiveness of the implemented cybersecurity framework.
• Evaluate compliance with IT security policies, standards, and regulatory requirements across business units and ICT infrastructure.
• Stay up to date with emerging cyber threats, vulnerabilities, and regulatory developments in the cybersecurity landscape.
• Perform independent threat and vulnerability assessment tests and report on cyber risks and controls of the ICT systems within the bank and other related third-party connections.
• Test the adequacy and effectiveness of control measures on information systems, operational processes, credit, department operations and recommend corrective measures to be undertaken in areas of weakness.
• Utilize extensive understanding of business activities to recommend scope and objectives of assigned audits, execute audit procedures, perform detailed analyses, reach sound conclusions, and document results for assigned audit activities.
• Ensure that all instances of significant risk or lack of control are properly identified, all findings are factually based& reported, with pragmatic & balanced recommendations & reports delivered in a timely manner.
• Actively participate in discussing audit findings and recommendations with line managers of the areas under review.
• Facilitate the communication of audit results and special projects via written reports and oral presentations to management.
• Assist in the annual risk assessment process and generation of annual audit plan.
• Assist in training/mentoring staff and develop and maintain the skills, knowledge and expertise to make valuable contribution to the internal audit team.

• Bachelor’s degree in information systems or computer science from a recognized university. Possession of an MSc or other relevant postgraduate qualifications will be an added advantage.
• Experience with intelligent technology integration, including machine learning (ML) using Python or R, AI and natural language processing (NLP) and familiarity with audit automation tools such as ACL Robotics.
• Professional certification in IT Audit, Risk and Security e.g. CISM, CISSP, CISA, CRISC
• Excellent understanding of auditing concepts and practices with a minimum of 3 years’ experience in management role in IT and operations or IT and operation audit.
• Skilled in project management and maintaining composure under pressure while meeting multiple deadlines.
• Demonstrable knowledge in risk assessment and control concepts/methodologies.
• Skilled in negotiation and conflict management to resolve problems that may arise during an audit.
• Excellent oral and written skills; a strong verbal communicator, analytical writer and able to clearly and concisely convey personal observations of processes, risks and controls.
• Excellent analytical ability both qualitative and quantitative to draw sound conclusions coupled with demonstrated knowledge and proper application of sampling techniques.
• Excellent attention to details and organizational skills.

Myjobmag