Openings at Watu Credit Limited

What you will do:

• Auditing and assessing all aspects of the company’s network applications, including software, programs, security, and communications
• Plan and execute the day-to-day activities of IT audit engagement for a variety of clients including testing controls over information security, systems change management, system development, and IT operations
• Inspect company’s IT policies and procedures, perform evaluation of control design; and carry out assessment of the effectiveness of company internal controls concerning IT processes and systems to help ensure company’s IT compliance programs are achieved
• Coordinate internal/external IT audits and assessments. Organize, track, and ensure the remediation of IT audit or assessment findings and recommendations
• Perform information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance
• Audit IT solutions, systems and configurations, user access controls, and settings periodically to ensure compliance with established policy and guidelines
• Develop, maintain and coordinate the testing of IT Business Continuity and Incident Response plans. Coordinate the implementation of these plans with the organization and report anomalies to senior management and applicable committees
• Report any information security incident to the Internal Audit and Risk Manager. Assist with coordination and documentation of the response to an information security incident according to established policies and procedures, as requested
• Apply data analysis techniques to evolve the audit process and develop repeatable analytics
• Evaluate internal systems for efficiency, problems, and inaccuracies, and develop and maintain protocols for handling, processing, and cleaning data
• Assists and trains other audit staff in the use of computerized audit techniques, and in developing methods for review and analysis of computerized information systems
• Conduct operational, compliance and financial audits, as assigned, prepare and presents written and oral reports and other technical information in a pertinent, concise, and accurate manner.
• Keep abreast of emerging technologies with the IT environment and help in developing audit plans to counter whatever risks that might be associated with the application of such technologies
• Perform other related duties as requested by supervisor.

What we are looking for:

• Degree, preferably in Information Technology or a business-related discipline
• At least one (1) year of experience in IT, IT Audit or Data Analytics with a reputable organization
• Professional certifications in IT including CISA would be highly desirable
• A 2nd level ACCA or CPA/CIA/CISA will be an added advantage
• Possess advanced knowledge of network and application vulnerability assessment, IT practices, risk assessment practices, change control, data privacy, and business continuity
• Strong proficiency and skills with database applications in at least one major database platform including Access and MySQL, Oracle, SQL Server, Microsoft Office and other related technologies
• Working knowledge of network security and common protocols (TCP/IP, VPN, Firewalls, etc.)
• Proven knowledge of auditing standards and procedures, laws, rules, and regulations, risk management frameworks, procedures, and practices

go to method of application »

Job Description

• Enterprise Risk Management (ERM)
• Design and implement an overall risk management process for the organization, which includes an analysis of the financial impact on the company when risks occur
• Risk reporting tailored to the relevant audience
• Review any new major contracts or internal business proposals to identify the risks therein
• Assist the Head of Internal Audit & Risk in preparation of the board information pack and responding to data/ analytical requests from the Committee
• Embed a risk aware culture in the organization by providing support, education, and training to staff
• Coordinate the establishment and quantification of the organization’s 'risk appetite' and ensure the risk approach adheres accordingly
• Coordinate business units to develop and implement Business Continuity Plans, Disaster Recovery Plans and Crisis Management plans.
• Operational Risk Management
• Assist first line in the preparation and documentation of their Risk and Control Assessments (RCAs) for all areas within the company
• Undertake and document Control Assurance Testing (CAT) linked to RCAs & risk events
• Co-ordinate, monitor and report on a framework of Key Risk Indicators (KRIs) for the company
• Assist first line with the investigation of Risk Events and preparation of reports
• Maintain both the risk event and risk issues logs, monitoring progress and escalating as required
• Influence and monitor progress of action plans to improve the risk and control environment arising from internal and external risk events, risk issues, RCAs, risk monitoring, internal and external audits and compliance inspections.
• Credit Risk
• Ensure that sound credit risk measurement and monitoring frameworks are developed and implemented throughout the organization
• Undertake prompt review of outlying business transactions
• Monitor and assess active accounts to reduce or prevent bad debt losses
• Actively support efforts to identify credit risk related issues and coordinate issues resolution management
• Provide support for pricing and new product process for credit risk inputs (loss assumptions and product risk assessments
• Assist the Head of Internal Audit & Risk in enhancement and review of organizational Credit Policies & Standards
• Market Risk
• Support the identification and evaluation of market, liquidity, and country risks
• Ensure detailed understanding of all P&L and risk drivers and ensuring compliance levels against established risk appetite
• Work closely with the Retail Operations and Back-Office Operations to ensure key risk issues are highlighted and addressed prior to introduction of new products
• Optimize the company’s market risk portfolio through business activities and risk transfer strategies
• Carry out pertinent research and stay abreast of relevant developments (skills, techniques, concepts etc.) in the market risk management realm.
• Strategic, Reputational Risk & Ethics
• Ensure the organization establishes adequate standards and procedures to guide employees and agents in order to create reasonable stakeholder expectations
• Ensure standards and expectations are institutionalized and consistently enforced within the organization
• Evaluate and report on the company’s performance against these standards, procedures, and expectations
• Shape a healthy and positive business ethics culture for the company through implementation of corporate code of ethics and professional conduct
• Enhance responsible ethics management through implementation of Ethics Compliance framework and encouraging compliance to standards and procedures
• Enhance Health and Safety through implementation of a policy on environmental impacts in investment.
• Compliance Management
• Maintain an up to date organization-wide compliance calendar and coordinate all compliance programs and activities to mitigate non-compliance risks.

What we are looking for:

• A university degree, preferably in a business-related discipline from a reputable and recognized institution
• A minimum of 3 years of Risk Management experience
• A certified Public Accountant of Kenya (CPA-K, ACCA or CA).
• Specialized training in risk management