JOIN OUR TEAM

Entrepreneurs Financial Centre (EFC) is a leading Microfinance Institution, licensed and regulated by the Bank of Zambia. For over 29 years now, we have served and empowered entrepreneurs with tailor-made financial solutions to help them take the next step in their business.

JOB SUMMARY

The Information Systems Auditor will be responsible for ensuring that EFC’s IT system adheres to security, regulatory, and compliance standards. He/she will also be responsible for performing on-site audits of IT and any other business systems, identifying possible vulnerabilities, and preparing audit reports based on the findings.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Manage the resource planning and requirements for Information Technology Audit assignments, special assignments, and management requests.
• Lead and coordinate investigations for security incidents, breaches, and data leaks promptly.
• Enforce information security policies, standards, and procedures to ensure compliance with industry regulations and internal guidelines.
• Coordinate regular IT risk assessments to identify potential vulnerabilities and threats to EFC’s information systems. Develop mitigation strategies and action plans.
• Educate EFC employees about security best practices and conduct training sessions to enhance the overall security awareness within the organization.
• Enforce the implementation and maintenance of security technologies, including firewalls, intrusion detection systems, antivirus software, and access control mechanisms.
• Evaluate and monitor third-party vendors’ security practices and ensure that they comply with the EFCs security requirements.
• Maintain security metrics and reporting mechanisms to measure the effectiveness of security controls and identify areas for improvement.
• Develop Audit programs and ensure the appropriate testing mechanisms are developed.
• Communicate the results, findings, and recommendations of audit projects through written reports and face-to-face presentations on a timely basis to the Management.
• Maintain professional ethical standards and ensure internal audit activities are carried out in compliance with The International Standards for the Professional Practice of Internal Auditing (Standards) and IIA Code of Ethics
• Support the Head of Audit in coordinating with the External Auditors.
• Report on an ad-hoc basis on specific projects as and when necessary.
• Access Management lead: Ensure timely user deactivation on all platforms.
• In charge of the management of all security monitoring tools, reporting on all potential threats and providing recommendations for resolving incidences.
• Follow up on the implementation of audit recommendations promptly.

QUALIFICATIONS

• Grade 12 certificate
• BSC in Computer Science or related field.
• ITIL Foundation/COBIT 5 Foundations.
• CISA, CRISC, CISM, and CGEIT (advantageous).
• 2-3 years’ experience in Information Security Operations and/or Governance, Risk and Compliance coupled with exposure to implementing frameworks such as ISO 27001 and NIST and/or;
• 2-3 years of Corporate/IT Governance, Risk and Compliance and/or;
• 2-3 years of IT Auditing