Head, IT Audit & Investigation Unit

Job Objective:

• To provide independent and objective assurance/consulting services to
  Management, the Board, and regulator with the aim of adding value and improving
  the organization’s operations, by bringing a systematic, disciplined approach to
  evaluate and improve the effectiveness of risk management, controls (especially IT
  controls) and governance processes

Key objectives:

• Coordinate the activities relating to the IT Audit Unit (within the IA function) of the Company and its subsidiary entities and provide support to the Chief Audit Officer and the Head of Internal Audit & Investigations Function Conduct comprehensive risk assessment of the Company’s IT audit universe as a base for annual audit plan.
• Deliver on the Company’s annual IT audit plan and ensure that IT audits are performed in line with the required standards.
• Ensure that audit issues are appropriately raised and addressed, and keep key stakeholders informed of IT audit activity.
• Forge relationships with the SBUs covered by the IA function in order to be abreast of latest developments.

Education/ Professional Qualification:

• 3 years of leadership experience, or at middle management/supervisory level will
  be an added advantage.
• Academic/Professional: BSc. from a reputable tertiary institution (preferably in IT,
  Computer Science, or other business-related fields).
• Professional qualification (i.e. CISA, ISO 27001 LA, MCSA, CCNA /CCNP Security, or
  others of similar equivalence).
• Professional qualifications of any Penetration testing or Cybersecurity related field
  will be an added advantage (CEH,OSCP, PJPT, EJPT, BSCP)
• Possession of a Masters in a relevant discipline will be an added advantage

Experience:

• 4 – 5 years of experience in Information Technology Audit, Information Risk or
  Information Security.
• Minimum of 2 years of experience in Technology Operations will be counted as a
  significant advantage.
• knowledge on how to manage an IT audit process from audit planning to Testing,
  audit reporting and follow-up.

KEY SKILLS & COMPETENCIES REQUIREMENTS:

Technical:

• Act in line with the AXA values: Customer First, Courage, Integrity and One AXA
• Information Technology: Intermediate understanding of network architecture,
  server architecture, databases. Prior experience within technology is a plus
• Data Analytics: Basic proficiency in data analysis tools and techniques (Excel, SQL
  and/or Power BI)
• IT General Control: Intermediate Knowledge of IT General Controls
• Application Controls: Good Knowledge of Application Controls
• Framework: Basic knowledge of Key Technology Control Framework (COBIT, ISO
  27001 LA, ITILL and NIST Cybersecurity Framework.
• Good communication and audit report writing skills
• Good presentation skills

Behavioural:

• Think objectively demonstrating sound judgement
• Be detail-oriented and Confident
• Strong interpersonal and relationship management skill, and ability to influence at
  management level.
• Strong Problem Solving and Time management skills
• Self-management
• Good sense of responsibility, accountability, and dependability
• Work effectively under supervision (as part of a team) and resilient under pressure
• Flexible and able to adapt to change
• Ability and desire to keep learning
• Intellectually curious with strong listening skills.