Zedcrest Group is a new age, goal-driven financial services Group, with 3 subsidiaries (consumer lending, fund management and securities trading) regulated by the Central Bank of Nigeria and the Securities and Exchange Commission. We are also a Venture Capital Firm with investments in about 50 tech start-ups.
Job Position: IT Auditor
Job Location: Lagos
- We are looking to hire an IT Auditor with an analytical mind and expertise in IT systems, applications, and infrastructure.
- IT Auditors are expected to have outstanding problem-solving skills, meticulous attention to detail, and a great understanding of cybersecurity trends.
- Execution of IT Infrastructure and Cyber Security audits
- Performing Information Security Risk Assessment to develop audit plan and supporting other audit initiatives
- Conduct risk-based infrastructure audits, including cyber security coverage within a diverse technology environment, including vendor and cloud platforms.
- Prepare clear and concise audit work papers.
- Identify and document control weaknesses, draft planning memos and audit reports, and discuss pragmatic suggestions for remediation with Management.
- Participate in the quarterly issue verification process, including validating the satisfactory completion of outstanding issues raised by regulators and/or audits where required.
- Conduct continuous monitoring of technology initiatives and processes to identify areas of increasing and emerging technology risks; escalate risk issues as appropriate, follow-up on solutions and propose specific coverage.
- Execute data analytics, where appropriate, to move towards more automated testing execution within audit department.
- Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level assessments based on predefined test objectives and test plans.
- Perform retest of controls that have been remediated or updated as a result of previously identified deficiencies.
- Obtain, review, and interpret evidence provided to validate controls are performed effectively.
- Execute and report on results of IT Compliance assessments in accordance with industry best practices and established regulatory standards and requirements
- Obtain, review, and interpret organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business.
- Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.
- Identify risks associated with control failures and supports the identification of mitigating controls
- Partner with control owners to ensure control documentation is updated periodically to reflect current control environment
- Perform other tasks as necessary to ensure that the Compliance meets its commitments to customers
- Investigate security and data breaches to identify incident root causes, internal control gaps/failure points and vulnerabilities exploited; and to proffer solutions/recommendations to prevent reoccurrence and exposure to corporate liability, sanctions, and litigations.
- Carryout review of Group’s data security, threat intelligence, vulnerability management and security monitoring activities
- Bachelor’s Degree in Information / Technology / Computer Science or any relevant discipline.
- Certified Information Systems Auditor (CISA) will be an added advantage
- Expert in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits.
31st January, 2023.
How to Apply
Interested and qualified candidates should:
Click here to apply online