Jobs Career Advice Signup

Send this job to a friend


Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Jun 9, 2023
    Deadline: Jun 21, 2023
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Ecobank is a pan-African banking conglomerate, with banking operations in 36 African countries. It is the leading independent regional banking group in West Africa and Central Africa, serving wholesale and retail customers.It is creating the platform to develop you into the new generation of leaders.Ecobank Management Development Programme (EMDP) aims to ...
    Read more about this company


    Internal Auditor: Cyber & Information Security, Network and Infrastructure

    About The Job

    Report to:  

    • Head, Internal Audit (Ecobank Ghana)
    • Manager, Internal Audit (eProcess , EGH & AWA)

    Job Purpose:

    • Carry out audits and reviews of the Cyber & Information Security, Network and Infrastructure hosted by the institution
    • Carry out other duties that may be assigned (ARRs, follow-ups etc.)
    • Independent assessment of the effectiveness of Information Systems risk management process and practices
    • Information Systems Audit Objectives 
    • Information Systems Risk reviews.
    • Provide assurance to the Board and Management on key risks and their management

    JOB PRINCIPAL ACCOUNTABILITIES  (Key tasks and indicate any additional activities arising from the job)
    Information Systems Auditor:

    • Carry out the periodic audit of information systems hosted by the institution and Group operations & Technology done in line with the approved Audit plan.
    • Conduct audit and risk reviews of information systems including the following:
    • UNIX AIX and Windows operating systems
    • Portable devices such as laptops, notepads, smart phones, blackberry phones
    • Data backup / storage, security, availability, integrity, classification and retention
    • Windows Office applications including email
    • Windows domain controller
    • Assess the risk and security exposures associated with all software applications and databases used for the facilitation of banking services to the bank’s customers across all affiliates.
    • Assess risk associated with the strategic planning and management of the activities of the information technology platforms in Accra and Lagos.
    • Assess risks associated with Information Security, IT Security, business continuity and disaster recovery planning
    • Assess risks associated with data security, portable devices, windows office applications and domain controller
    • Conduct audit and risk reviews of the following Network and Communication Systems but not limited to:
    • The institution’s network and communication platforms
    • Routers
    • Firewalls
    • IDS / IPS
    • Switches
    • Voice / Data / Video
    • Conduct audit and risk reviews of Infrastructure including the following:
    • Data Centers i.e. Accra, and Lagos
    • Network and Internet Security
    • Cloud computing
    • Design / update I.S Audit programs and checklists for Networks, Communications and Infrastructure in line with international standards and new technology developments within the Group
    • Plan and execute risk-based audit of Networks, Communications and Infrastructure
    • Monitor and escalate key risk issues
    • Carry out ad-hoc reviews
    • Perform periodic IS Risk Assessments and maintain a technology risk map for institution and Group Operations & Technology 
    • Review and evaluate new technology products / services and associated risks.
    • Independent participation in the review and evaluation of projects related to various information systems. networks, communications and infrastructure
    • Share audit findings and recommendations for corrective action to the head of audit for management.
    • Issue draft report within 10 days after completion of all audit assignments.
    • Conduct training for colleagues (auditors), in order to improve the knowledge in auditing and enforcing controls in the IT systems.
    • Assist in the preparation of quarterly board papers.
    • Special Assignments and reviews.
    • Perform other tasks that may be assigned by the Head of Audit and Audit Manager, eProcess & EGH

    JOB CONTEXT      
    Audit Risk Reviews:

    • Conduct audit risk review of critical platforms and  the institution’s operations and issue report on findings
    • Test to see if controls are working as they should
    • Assist to provide reasonable assurance to management that risk identified are being managed.

    Audit Risk Reviews:

    • Provide trend analysis on key risks and recommend solutions
    • Interact with all levels of staff, giving feedback on risk and control issues identified during audit reviews
    • Provide advisory services to Functional Heads on risk and control weaknesses affecting their respective areas.
    • Escalating risk and control issues and concerns to the head of audit for management attention.
    • Assist in educating staff on risk the company is exposed to.


    • At least six (6) years of hands on database and technology application management and related fields
    • Developed a broad and deep knowledge of all operational systems and to perform periodic audits required to enhance operational efficiencies
    • Ability to review Network performance by monitoring network devices(routers and switches etc.); evaluating and providing recommendations for resolving network issues; management of network tools; and providing advisory services.
    • Ability to assess Network design and provide expert advice to network, operations, and technical support teams
    • Ability to review IT Security Framework Design and Implementation.
    • Ability to access Security Policy Design, Infrastructure Design and Analysis.
    • Ability to perform Identity Management, Firewalls Security Reviews.
    • Understanding and use of CAATs for analytics (e.g. ACL).
    • Understanding of Risk Assessment Tools and Methodology.
    • Proficiency in the use of Structured Query Language (SQL).
    • Some programming and/or advanced database skills required.
    • Knowledge of audit procedures and institution’s procedures and information technology standards.
    • Knowledge of global banking systems, and system of controls within the banking environment.
    • The incumbent must be detail oriented with an eye for precision
    • Ability to assess network performance by developing a protocol for measurement of results and identification of problem areas.
    • Excellent written and verbal communication skills with good presentation skills
    • Strong planning and execution skills; ability to set priorities and work under pressure
    • Ability to interact and present ideas effectively to all levels of staff
    • High level of logical and analytical thinking
    • Risk based audit techniques


    • University degree in Computer Engineering and Information Technology or related fields
    • Equivalent professional qualification in Information Systems Security and/or Audit
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Security Professional(CISSP)
    • Cisco Certify Network Associate (CCNA)
    • Cisco Certified Network Professional (CCNP) +
    • CompTIA Network++

    Personal Attributes:

    • Organization
    • Discretion
    • Vigilance
    • Integrity
    • Rigor
    • Courtesy
    • Good communication skills 
    • Availability
    • Ability to work without supervision.

    Method of Application

    Interested and qualified? Go to Ecobank on to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at Ecobank Back To Home

Subscribe to Job Alert


Join our happy subscribers

Send your application through

GmailGmail YahoomailYahoomail