Senior Associate, IT Audit

Flutterwave was founded on the principle that every African must be able to participate and thrive in the global economy. To achieve this objective, we have built a trusted payment infrastructure that allows consumers and businesses (African and International) make and receive payments in a convenient borderless manner.

The Role: Flutterwave is looking for a Senior Associate, IT Audit whose responsibilities will include planning and executing  the comprehensive audits of the organization’s information systems and security practices. It also includes evaluating the effectiveness of IT controls, identifying vulnerabilities, and ensuring compliance with regulatory standards and internal policies.

What Your Day-to-Day Activities Will Be Like 

• Contribute to the development and implementation of the organization’s Information systems’ audit, and cybersecurity audit strategy.
• Facilitate planning and execution of IT, security, system implementations, and data privacy audits while maintaining independence and adhering to industry standards. 
• Assess the effectiveness of the organization's information systems and cybersecurity controls and recommend improvements.
• Conduct IT risk assessments to identify and evaluate potential threats and vulnerabilities.
• Manage timelines for audits/projects, identify and assess issues, develop audit reports, and review supporting documentation according to departmental standards. 
• Identify key IT, security, and data privacy risks and contribute to the development of the annual IT Internal audit plan.
• Provide technical and operational assistance to business areas for IT control development and documentation, leveraging data analytics for effective audits.
• Serve as the departmental IT subject matter expert and enhance internal knowledge of IT controls and auditing concepts.
• Develop and implement audit methodologies and practices tailored to the organization’s risk profile and industry standards.
• Collaborate with the IT department to ensure compliance with cybersecurity policies, standards, and regulations.
• Coordinate with external auditors and regulators during audits and assessments. 
• Perform other duties as assigned or requested.

Required competency and skill set to be a Waver (in this role)

• Bachelor's degree in Information Systems, Information Security, or a related field.
• Minimum of 5 years experience in IS auditing, Information security or related fields.
• A comprehensive understanding of the Global Internal Audit Standards (IIA), leading IS audit practices and standards, (E.g., ISO 27001, NIST, GDPR, ISAE, PCAOB, ISA, GAGAS), as well as Information Security Management System (ISMS) standards. 
• IT risk-based internal audit experience with excellent knowledge of internal control concepts and auditing techniques (ITGC & ITAC).
• Fintech and Big 4 experience is a plus.
• At a minimum have a Certified Information System Auditor (CISA) designation or other relevant professional education, certifications, and credentials (E.g., CIA, CISM or CPA). 
• Proven experience in planning and executing ISMS audits and assessments, managing and supervising audit teams. 
• Strong knowledge of the IT risk management, control, governance and business processes within the fintech industry. 
• Knowledge of internal audit functions, especially in information technology and data security. 
• Extensive knowledge of IT audit standards, frameworks, and methodologies, including COBIT, ISO 27001, 20000, 22301, 27032 and NIST. 
• Proficient in conducting IT audits across various domains such as IT general controls, application controls, cybersecurity, cloud security, and data privacy. 
• Strong understanding of cybersecurity principles, including threat and vulnerability management, incident response, and cybersecurity governance. 
• Ability to assess and evaluate the effectiveness of IT and cybersecurity controls, recommending improvements to mitigate risks. 
• Familiarity with IT infrastructure, including networks, databases, operating systems, and applications, and their associated risks.

Click here for the Flutterwave Recruitment Consent Form and Flutterwave Privacy Policy