Information Security Audit Manager

• Develop and execute risk-based IT audit plans aligned with business goals, risks, and compliance requirements.
• Identify and assess risks related to information systems, data security, and technology processes.
• Perform audits on systems, infrastructure, applications, and digital platforms to evaluate controls and effectiveness.
• Review compliance with regulatory requirements, including CBSL directives, ISO 27001, and other standards.
• Document and present audit findings, risks, root causes, and recommendations to management.
• Ensure timely closure of audit findings and provide guidance to IT and business teams on improvements.
• Conduct ad-hoc audits, system implementation reviews, and incident-related assessments when required.
• Collaborate with IT, Risk, Compliance, and other teams to strengthen governance and control environments.
• Stay updated on new technologies, cyber risks, and industry best practices, and apply them to audit processes.
• Support continuous improvement of audit methodologies and contribute to enhancing audit practices.
• Promote a strong risk-aware culture and ensure the integrity and security of the bank's systems through audits.

Requirements

• Bachelor's Degree in IT, Computer Science, Information Systems, or related field.
• Minimum 7 years of experience, including at least 2 years in a senior or executive-level role.
• Hands-on experience in IT audits, IT security, or technology risk management.
• Experience in a banking or financial environment is an advantage.
• CISA, CISM, ISO 27001 Lead Auditor , ACA, CIMA, ACCA (added advantage) certifications (Preferred)
• Strong understanding of IT risks, controls, and audit processes.
• Good analytical and problem-solving skills.
• Attention to detail and ability to deliver high-quality work.
• Strong communication and presentation skills.
• Team player with good interpersonal skills.
• Experience in data analytics for audits is a plus.