IT Audit Analyst at Nigerian Exchange Group (NGX Group)

Nigerian Exchange Group (NGX Group) is a leading financial market infrastructure provider in Africa, connecting Nigeria, Africa and the world.

We are recruiting to fill the position below:

Job Title: IT Audit Analyst

Location: Lagos, Nigeria
Job type: Full-time

About the Job

• The IT Audit Analyst would be required to have a good understanding of the Exchange Group policies, overall mission, and strategy, as well as knowledge of internal control principles, audit practices, and compliance in an IT-related field with background experience preferably from a listed company.
•  S / He will be responsible in assisting to ensure that Internal Audit adopts industry best practices in Information Technology Audit duties across the Group’s operations. This position reports to the Information Technology Auditor.

Responsibilities
Access control reviews on various systems used in NGX:

• Review and ensure that access control strategy aligns with the corporate identity policy and the IT architecture of NGX.
• Review and ensure that a unique identity is used to initiate a transaction and ensure that the user is currently authorised to perform such action.
• Ensuring that access violations are identified. E.g. resigned staff accounts still active on NGX applications.
• Information Security Reviews.

Post-Implementation Reviews of IT Projects:

• Review to ensure that business objectives are achieved.
• Reviews to identify risks introduced during the vendor selection, pre-implementation, and go-live phases due to system adaptation for NGX’s Users and processes.
• Review and ensure that key controls were embedded through the application acquisition life-cycle and go-live of various applications and processes.
• Software Development Life Cycles.

Audit Reporting:

• Maintaining work papers.
• Follow up and report on implementation of internal and external audit recommendations.
• Ensure effective follow-up with Auditees for resolution of all outstanding weighty exceptions and open items, and Management Letters raised during IT audits and by external auditors respectively.
• Participate in Cross-Functional Reviews – Financial, Operations, Compliance, IT, and Investigations.
• Preparation of Departmental Quarterly Reports.

Business Continuity Reviews:

• Participate in the review of business applications (X-Stream, ERP, etc.) in the event of fires, terrorist attacks, extended power failures, equipment, and telecommunications failures.
• Review DR incidences as it relates to RTO and RPO, Ensure adherence to Disaster Recovery / Business Continuity principles.

Continuous Auditing of IT Related Activities:

• Ensure that all IT-related activities are reviewed for compliance and consistency.
• Reviews of IT implementation and ensure that they meet the needs of users.
• Ensure that the disaster recovery processes in the NGX would be available and sufficient enough to withstand major disruptions to our information systems.
• Continuous auditing of X-Stream and ensure that data from the application are accurate and free from error or manipulation.
• Review IT Policies & Procedures Review and generate Gap analysis Report.
• Ensure proper monitoring of IT Operations (Backup & Recovery, Management of Storage Media, Problem and Incident Management).

Reviews of Change Management:

• Ensure that change management procedures are standardised and followed in all IT-related system changes (maintenance, patches, etc.).
• Ensure Data Centre Best Practices.

Key Performance Indicators
Financial:

• HoldCo and Subsidiaries PBT.
• Price – Earning (P/E) Ratio.

Customer:

• Departments and Business Units across the Group Rating Score.

People:

• Employee Net Promoter Score (e-NPS).

Audit Execution:

• 90% of information technology issues raised by external auditors should be previously identified by Internal Audit.
• Review all high-risk rated departments/processes and at least 50% of medium - low risk rated departments annually.

Process & Others:

• Number of Strategic Initiatives Successfully Implemented.
• Execution of not less than 90% of planned Information Technology audit in the approved annual plan across the Group.

Educational Qualification
To successfully deliver the above goals, the right candidate must have:

• First Degree or its equivalent in Computer Science, Numerate Sciences, Accounting, Information Technology, or a similar field.
• Relevant professional qualifications such as CISA (Certified Information Systems Audit), ISO27001, ITIL, ACA will be added advantage.

Candidates Experience:

• Minimum of three (3) years post NYSC experience in core IT, Information Security, or IT Audit roles.
• Experience in the financial services or capital market industry will be an added advantage.
• Be known for having high integrity and the ability to build trust with stakeholders.
• Must be able to build strong partnerships with business and corporate staff, communicate to a wide variety of audiences in clear, understandable language, and be a skilled facilitator of group action. Should have knowledge of Various Standards and Frameworks which include ISACA framework, COBIT, COSO, SOX, ICFR, BASEL 1 & II, etc.

Desired Competencies and Skill Requirements:

• Strategy
• Execution
• Attention to details
• Excellent communication
• General Management
• Integrity
• Conceptual thinking
• Decisiveness
• Building Trust.

Application Closing Date
Not Specified.

How to Apply
Interested and qualified canddiates should:
Click here to apply online