Overview

Wema Bank Plc – Widely reputed as the longest-surviving and most resilient indigenous bank in Nigeria, Wema Bank Plc has over the years, diligently offered a fully-fledged range of value-adding banking and financial advisory services to the Nigerian public.

Job Position: Information Security Auditor

Job Location: Lagos

Job Description

  • The Information System Auditor is responsible for conducting audits and assessments of the organization’s information systems to ensure that they are secure, reliable, and compliant with internal policies and external regulations.
  • The is Auditor will work closely with other departments to identify vulnerabilities, recommend improvements, and ensure the effective implementation of controls.

Job Responsibilities
Audit Planning and Execution:

  • Develop and execute audit plans for evaluating the effectiveness of information system controls.
  • Conduct risk assessments to identify areas of potential vulnerability and non-compliance.
  • Perform detailed audit procedures including interviews and system reviews.

Risk Management:

  • Assess and evaluate the organization’s IT infrastructure to identify potential security risks.
  • Provide recommendations for mitigating risks and improving overall security posture.
  • Monitor and report on the status of risk management initiatives and control effectiveness.

Compliance and Regulatory Audits:

  • Ensure compliance with relevant laws, regulations, and standards (e.g., SOX, GDPR, HIPAA, ISO/IEC 27001).
  • Prepare and present audit reports to management, highlighting findings and suggesting corrective actions.
  • Collaborate with regulatory bodies and external auditors as required.

Security and Control Assessment:

  • Evaluate the adequacy and effectiveness of security measures in protecting information assets.
  • Assess access controls, encryption mechanisms, and other security protocols.
  • Test system configurations and software applications for compliance with security policies.

Continuous Improvement:

  • Collaborate with stakeholders on current trends, emerging technologies, and best practices in information security and auditing.
  •  Recommend and implement improvements to the audit process and control environment.
  • Ensure participation in professional development opportunities and certifications that will add value to the organization and aid the growth and advancement of best practices.
  • Work with Audit Client/IT and Digital compliance team to ensure closure of Audit exception.

Stakeholder Communication:

  • Communicate audit findings and recommendations to stakeholders, including Senior Management and the Board.
  • Develop and maintain effective relationships with business units and external auditors.

Job Requirements
Education / Certifications:

  • Bachelor’s Degree in Information Technology, Computer Science, Information Systems, or a related field.
  • Advanced degrees or certifications (e.g., CISA, CISSP, CPA) are highly desirable.

Experience:

  • Minimum of 3-5 years of experience in IT auditing, information security, or a related field.
  • Experience with audit tools and methodologies, risk assessment, and control evaluation.

Skills and Competencies:
Technical Proficiency:

  • Strong understanding of IT systems, networking, databases, and cybersecurity principles.
  • Familiarity with auditing tools and techniques such as ACL, IDEA, and other data analysis software.

Analytical Skills:

  • Ability to analyze complex data and systems to identify potential risks and issues.
  • Strong problem-solving skills and attention to detail.

Communication Skills:

  • Excellent written and verbal communication skills.
  • Ability to present technical information in a clear and concise manner to non-technical stakeholders.

Organizational Skills:

  • Strong project management skills and the ability to manage multiple audits simultaneously.
  • Excellent time management and organizational skills.

Ethical Standards:

  • High level of integrity and professionalism.
  • Commitment to maintaining confidentiality and ethical standards in all activities.

How to Apply
Interested and qualified candidates should:
Click here to apply online