Job Purpose:

Our purpose is transforming lives, giving dignity, and expanding opportunities for wealth creation.

The Audit Manager – Cybersecurity Audits is responsible for conducting comprehensive cybersecurity audits and assessments across the Group. This role plays a crucial part in evaluating the effectiveness of cybersecurity controls, identifying risks, and providing strategic recommendations for improvement to ensure compliance with relevant regulations and industry standards.

Reports to Senior Manager – Cybersecurity Audits

Job Responsibilities:

Cybersecurity Audit Execution:

• Participate in the planning and execution of cybersecurity audits across the Group.
• Conduct complex cybersecurity audits across various business units and subsidiaries, focusing on areas such as access management, network security, data protection, and incident response.
• Evaluate the design and operating effectiveness of cybersecurity controls, ensuring alignment with internal policies, industry best practices and regulatory requirements.
• Perform technical testing and analyses, such as vulnerability assessments, penetration testing, and data analytics.
• Collaborate with other audit teams to deliver integrated audits and advisory assignments

Audit Reporting and Documentation:

• Prepare comprehensive audit reports detailing findings, risks, and recommendations for remediation.
• Document audit procedures, evidence, and working papers in accordance with established standards and methodologies.
• Collaborate with stakeholders to validate findings and ensure accurate reporting.

Risk Assessment and Recommendations:

• Analyze and evaluate the potential impact of identified risks on the organization’s operations and cybersecurity posture.
• Provide practical recommendations to mitigate risks and enhance the effectiveness of cybersecurity controls.
• Assist in the development and implementation of remediation plans, as necessary.
• Contribute to cybersecurity advisory projects and assessments, providing subject matter expertise and guidance.

Continuous Learning and Development:

• Stay updated with emerging cybersecurity threats, regulatory changes, and industry best practices.
• Participate in training and professional development opportunities to enhance technical and auditing skills.
• Contribute to the improvement of audit methodologies and procedures within the team.

Stakeholder Management and Mentorship:

• Collaborate effectively with cybersecurity teams, IT teams, business units, and relevant stakeholders during audit engagements.
• Foster positive relationships and maintain open communication channels to facilitate the audit process.
• Provide guidance, mentorship, and support to junior auditors and team members.

Requirements

Qualifications

• Bachelor’s degree in computer science, information technology, cybersecurity, or a related field from a recognized university.
• Professional certifications such as CISA, CISM. Must also hold a cybersecurity testing certification such as OSCP, CCIE Security or equivalent cybersecurity auditing certifications.
• Minimum of 5 years of experience in cybersecurity auditing, IT audit, risk management, or related roles with a minimum of 3 years’ experience in conducting Cybersecurity reviews such as Penetration Testing, Vulnerability Assessments.

Competencies:

• Experience in conducting vulnerability assessments and penetration testing exercises against applications, networks, systems etc
• Strong understanding of cybersecurity frameworks, standards, and regulations (e.g., NIST, ISO, PCI-DSS).
• Proficient in the use of penetration testing and security assessment tools.
• Familiarity with auditing tools, techniques, and methodologies, including data analytics and automated testing.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication skills, both written and verbal, for effective reporting and collaboration.
• Ability to work in a team environment and collaborate with cross-functional stakeholders.
• Willingness to travel domestically and internationally as required. Results orientation
• High integrity and strength of character