JOB DETAILS:

Reporting to the IT Advisory Manager/Director, the individual will be responsible for planning engagements, supervising staff, and executing IT Risk Advisory, IT Risk Management, Application Controls Securing Assessments, ERP Functional and Securing & Controls, Embedded Risk Management, and other IT Audit projects as needed.

Essential Duties and Responsibilities:

• • Managing the delivery of timely engagement results and high-quality deliverables in accordance with professional and industry standards.
  • Hands-on delivery and execution of project tasks for complex technology environments
  • Presentation and communication of project status and risk-based observations and proposed solutions to client’s senior management
  • Developing and maintaining relationships with stakeholders and identifying technological and operational risk mitigating opportunities as a first choice advisor
  • Supporting, training, and mentoring staff level personnel and coordinating with client resources as needed
  • Establishing performance expectations for staff level personnel and providing performance feedback

Specific:

• Developing and managing the execution of IT Risk Assessment in conjunction with the implementation of Enterprise Risk Management governance structures/programs and the development of client annual audit plans
• Planning and managing the execution and delivery of client’s risk-based IT audit plans, which must include IT general control systems, IT application control reviews, IT infrastructure reviews, IT operational process reviews, IT governance & strategy design assessments, and SOX compliance related activities
• Leading the execution of highly specialized reviews such as data integrity, information security and assessment, technical compliance reviews, etc.
• Developing leading practice IT Integrated Internal Audit Methodologies, for internal use and client service delivery
• Identifying and assessing business / operational processes, IT risks, and internal controls to evaluate the design and operating effectiveness of the overall control environment
• Developing and leading ERP (e.g., SAP BI, SAP ECC, Nano, PeopleSoft, Oracle, Microsoft Navision, Finacle) advisory and assurance related activities, which may include business process improvement, Security risk & controls review, SOD analysis, SOD conflict management design, and application security assessments
• Experience or knowledgeable of practices related to delivering data protection, breach management and regulatory privacy assessments
• Experience of knowledge of practices related to delivering NIST based information security reviews based on the clients implementation of frameworks such as, NIST 800.53% and NIST 800.71

Business development:

• Advising once leadership on the development and execution of the IT Risk service line growth program and overall go-to market strategy
• Identifying opportunities within current engagements to expand the scope of services rendered and the ability to be market facing to identify and potentially pursue new client prospects
• Participating in professional organizations and developing leading practice point of view of relevant IT Risk related topics for internal marketing and external organizational branding

Integrated Audits:

• Partnering with financial audit teams to effectively integrate and coordinate appropriate IT General controls testing procedures in accordance with ISA 240 and ISA 315
• Partnering with management to develop and validate draft IT audit reports and establish practical corrective action plans in response to technology and operational risks / observations

Knowledge area requirements:

• • Individual project assignments will be performed under the R&S leadership. Working knowledge of industry standards and governance frameworks (e.g., COBITS, etc.), strong analytical abilities, and exceptional project management skills are key to success in this unique and challenging position.
  • The individual must possess the following knowledge, skills, and abilities and be able to perform the essential functions of the job, with or without reasonable accommodation.
  • Understanding of control concepts/frameworks (e.g., COBIT V/S, NIST 800.53, COSO, ISO/IEC 27001 etc.)
  • Experience/knowledge of auditing IT processes and controls, including forwarding and risk identification
  • Through understanding of complex information systems, emerging IT trend/level practices and proven ability to apply in diverse and continuously evolving client/congress environments
  • Knowledge of frameworks such as CMO and Sorbanes-Oxley Jet provisions and prior implementation of cost-effective approaches for achieving IT compliance
  • Polished and professional interviews/negotiated with unsatisfied curiosity
  • Excellent presentation, speaking and written communication skill with ability to lead meeting/audited/report generation
  • Experience education/training clients or internal employees on IT SOX requirements
  • Ability to work independently and in a team environment with superior interpersonal and collaboration skills
  • Advanced project management and problem solving capabilities
  • Strong analytical, strategic thinking and tactical audit execution skills
  • Strong work ethic with self-eccountability for high-quality results
  • Willingness to openly challenge the status quo and drive positive process/control/technology improvements
  • Positive attitude and perseverance in the face of challenges and/or changing circumstances
  • Innate leadership skills with an emphasis on optimizing individual and team productivity/contributions
  • Keen instincts and opportunistic business sense capable of proactively identifying/preventing possible problems
  • High-energy self-tacitor capable of completing a diverse workload within strict timelines
  • Absolute discretion and confidentiality regarding sensitive information
  • Highest standards of ethical conduct and integrity

The ideal candidate should have:

• 5+Years of Experience in advisory/consultancy space
• Behaviors Degree in IT/B: Tech Computer Science
• CRSA (mandatory requirement)
• CEN (added advantage)

Suitable and qualified candidates should apply through https://www.qtuganda.co.ua/en/careers/
and send CVs ONLY to recruitment@ug.gt.com. Only shortlisted candidates will be contacted.