Lead, Internal Control (Digital)

Company Description

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

Job Description

To assess controls around IT infrastructures, including network devices, applications and databases as well as all IT project development. During the process, completes work timely and in accordance with Control Methodology and other applicable standards, and defined plans, budgets, and schedules.

• Perform IT security reviews involving people, processes, and technologies. Auditing operating systems, firewalls, intrusion detection systems, databases, web servers, messaging servers, network components and industry specific technologies in line with best practices.
• Assess network architecture to identify configuration and topology issues through analysis of the design and configuration of the network.
• Evaluate security risk of all kinds of applications; stand-alone, network based and web based . This will cover high-level design audit, black-box testing, source code reviews, development and delivery audit as well as operating environment audit.
• Perform process risk analyses, prepare process maps and flowcharts, and prepare effective and efficient compliance and substantive test plans; prepare and perform testing of controls.
• Maintain  a wide network and collaboration with key stakeholders in the Bank such as Operational Risk, Risk Assurance, Group Internal Audit,

Qualifications

• First Degree in Computer Science or related discipline from a recognised Institution.
• Certified Information System Auditor (CISA). Additional certification e.g. CISM, CRISC; an added advantage.
• At least 4 years’ experience in Information Systems Audit
• Proficiency in banking applications and e-business platforms.Good understanding of banking products & processes, policies and procedures.
• Report writing/Investigation skill
• Interpretation of COBIT,ITIL,SOX , CISA,CISM,CISSP
• Ability to use Finacle, ACL or Data Analytical tools.

Additional Information

Technical Competencies:

• Data Management (Administration)
• Fraud Investigation
• IT Knowledge
• Promote Good Governance, Risk & Control
• Risk Identification
• Risk Management
• Risk Reporting

Behavioural Competencies:

• Communication skills
• Examining Information
• Exploring Possibilities
• Following Procedures
• Interpreting Data
• Team Working
• Upholding Standards