Senior Auditor ICT Systems Audit at BNR-National Bank of Rwanda

Job Responsibilities:

• Identify all risks associated with each auditable area. Rank risks based on their scores to determine which risks are high, medium, or low priority.
• Select the functions and processes to be audited based on the risk ranking. High-risk areas typically receive more audit attention.
• Identify and assess risks that could potentially impact the achievement of objectives of function/process to be audited.
• Develop detailed audit plans that outline the objectives, scope, methodologies, audit tests and timelines on specific audit assignments subject to Manager for review.
• Document audit findings with Criteria (what should exist), Condition (current state), Root Cause Analysis (reasons for issues), and Consequences (impact on operations)
• Conduct follow-up audits or reviews to verify the effectiveness of actions taken by auditees, update the implementation status of audit recommendations and produce follow up report.
• Identify and assess Information System risks, such as unauthorized access, data breaches, and system failures.
• Develop and implement risk mitigation strategies to protect the bank’s ICT infrastructure and data.
• Design and execute control tests to evaluate the effectiveness of Information system controls, including segregation of duties, access controls, and change management procedures.
• Ensure compliance with banking regulations related to Information system security, data privacy, and risk management.
• Assess the effectiveness of IT-implemented projects by evaluating whether project objectives were met, controls were integrated during development and deployment, risks were properly managed, and the final outcomes align with intended business and security goals.
• Lead and coordinate audit teams during fieldwork, ensuring proper task delegation, guidance, and timely completion of audit procedures in accordance with the audit plan.

Job Requirements:

• Master’s degree in information and technology (IT), Computer Science, Computer engineering, Software engineering, Business Information Technology, Cybersecurity, Information Security, data science, data analytics. or an equivalent.
• Three years of experience in Information System auditing or any other related field.
• Certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH), Certified Internal Auditor (CIA) is an added advantage.

Female Candidates are encouraged to apply.