Senior IT Auditor

Key Responsibilities

1. IT Audit Planning and Execution

• Support the development and execution of the annual risk-based IT audit plan.
• Collaborate and liaise with the Group Central IT Audit team to align local audit work programs with Group methodologies and global security standards.
• Conduct comprehensive IT audits covering core banking systems financial applications digital channels cybersecurity cloud environments databases and IT operations.
• Perform technical audits of key platforms Core Banking system Sage X3 digital banking applications POS/card platforms and payment gateways.
• Evaluate IT General Controls (ITGCs) including user access management change management backup/recovery incident management and vendor management.
• Assess IT application controls including maker-checker integrity input validation system configuration interface controls and exception monitoring.

2. Cybersecurity Data Privacy & Regulatory Compliance

• Assess the adequacy of cybersecurity controls vulnerability management programs threat monitoring and information security governance.
• Verify compliance with applicable regulations including CBN technology and cybersecurity guidelines NDPA/NDPC data protection requirements and internal information security frameworks.
• Review IT disaster recovery plans business continuity plans (BCP) system logs privileged access controls and password management protocols.
• Provide robust assurance reviews over digital transformation initiatives fintech partnerships and third-party vendor integrations.

3. Reporting Follow-Up & Advisory

• Prepare clear risk-focused audit findings structured around criteria condition cause impact and recommendation.
• Collaborate with IT and business process owners to agree on practical SMART (Specific Measurable Achievable Relevant Time-bound) management action plans.
• Track validate and report on the implementation of internal IT audit recommendations external audit findings and regulatory directives.
• Escalate high-risk recurring or overdue IT control weaknesses directly to the Chief Internal Audit Officer and the Group IT Audit Director.
• Provide proactive independent control insights on upcoming IT projects and system migrations without assuming management responsibility.

Qualifications :

Education & Professional Certifications:

• Education: Bachelors degree
• Professional Certifications: Active certification (or advanced progress toward completion) is highly preferred:
  • CISA (Certified Information Systems Auditor) Strongly preferred
  • CRISC (Certified in Risk and Information Systems Control)
  • CEH (Certified Ethical Hacker)  and
  • Other recognized IT Audit certifications.

Experience Required:

• Minimum of 57 years of relevant experience in IT audit information security technology risk or systems control.

Remote Work :

No

Employment Type :

Full-time