Team Lead, Governance, Risks and Standards at First Bank

JOB OBJECTIVE(S)

• Provide assurance on the effectiveness and efficiency of Information Systems and Cybersecurity Risk Management, Control and governance processes within the bank and subsidiaries to achieve strategic and business  objectives
• Provide assurance that the bank and subsidiaries are adequately protected against third party vendor and outsourcing risks.

DUTIES & RESPONSIBILITIES

• Acts in the absence of Head, IS Audit for issue relating to Governance, Risks and Standards

• Participate in the preparation Risk based Audit plan for Governance, Risks and standards audits

• Ensures the currency of checklists for audit teams in line with changing standards and best practices for continuous improvements

• Develops and communicates draft audit Terms of Reference and participates in formal audit meetings

• Plans, coordinates and executes annual Enterprise Information Technology and Governance Audit using COBIT5 Framework
• Plans, coordinates and executes Data Protection Framework
• Plans, coordinates and executes E-Risk Management Framework, Operational Risk Management and other related Frameworks/policies

• Plans, coordinates and executes the audit of the Bank’s

• ISO 27001 - Information Security Management Systems
• ISO22301 – Business Continuity Management Systems
• PCIDSS     -  All in-scope departments
• ISO20000 – Service Management
• ISO9001   – Quality Management Systems

• Plans, coordinates and executes IT Outsourced Service Providers audits

• Supervises GRS audit teams in the various engagements to ensure the audits are performed in line with Internal Audit Methodology and relevant professional standards

• Provides first level assurance review of team’s outputs and ensures knowledge sharing and on the job coaching of team members.

• Participates in Governance, Risks and Standards related projects to ensure that stated benefits are realized

• Co-ordinates the follow-up and timely regularization of audit exceptions and assurance of GRS team.

• Coordinating Operational Risk process reviews to ensure  Security Operations team’s compliance with Operational Risk Governance Framework

• Carries out ad-hoc activities as assigned by the Unit Head and/or CAE

• Complies with the principles and policies in the Information Security Handbook

JOB REQUIREMENTS

Education

• B.SC. Computer Sciences or related disciplines
• Professional certifications (CISA,  CRISC, ISO 27032, ISO 22301 & ISO 27001, ISO 20000, COBIT 5, ISO 9001, PCIDSS etc. )

Experience

• Minimum experience - 8 years in Information Systems and 5 years in Audit/control /Information/ Standards & Frameworks