Information Technology Auditor at CapitalSage Technology Limited

Located in the most populous country in the most diverse continent, we have come to realise that conventional financial institutions are handicapped in creating sustainable value for the present generation and the next.

Job Description

• This role provides strategic oversight and governance of IT systems, data privacy, and compliance programs. It is responsible for ensuring regulatory compliance (NDPR, GDPR), aligning with industry standards (PCI-DSS, ISO 27001, NIST), and enhancing operational efficiency. The role proactively identifies and mitigates IT and data privacy risks, strengthens GRC frameworks, and delivers actionable recommendations to support a secure, resilient, and compliant technology environment

Audits:

• Conduct scheduled, ad-hoc, and focused IT and data privacy audits across all company locations in accordance with Internal Auditing Standards (IIA).
• Perform review of penetration testing, vulnerability scanning and security audits to uncover potential threats.
• Prepare audit working papers and audit files to quality standards within agreed timescales and deadlines
• Draft clear, data-driven audit reports and recommendations on vulnerabilities for review by the Head of Internal Audit
• Perform regular testing of IT applications, infrastructure, and data privacy controls (e.g. access management, encryption etc), identifying critical gaps during testing cycles.
• Collaborate with business units to integrate efficiency improvements into IT systems, achieving a measurable reduction in process downtime or errors.
• Identify and document process gaps or control weakness across IT and business operations.
• Monitor and report changes in IT risk profiles, contributing to GRC policy updates and ensuring up-to-date risk and compliance register quarterly.
• Conduct special reviews, spot checks, or investigations as assigned.
• Provide and seek constructive feedback during audits, achieving satisfaction rating in team and stakeholder feedback surveys.
• Follow-up responsible teams to implement the recommendations of internal auditors, consultants, and security analysis.
• Participate in IT projects and product development with the aim of identifying risks and recommending appropriate controls.
• Assess GRC frameworks, including IT governance policies, risk management processes, and compliance controls, identifying gaps and ensuring alignment with industry standards and regulations.

Quality Management and Improvement:

• Maintain a deep understanding of CapitalSage Holdings’ IT policies, data privacy protocols, and organizational culture, proactively identifying risks that could impact strategic objectives (e.g., zero undetected high-risk issues).
• Understanding of secure software development lifecycle (SDLC) methodologies and conducting social engineering assessments and phishing simulations.
• Assist in the promotion of an Internal Audit service that aims to meet/exceed stakeholder expectations.
• Participate in process improvement/redesign and system upgrade/implementation efforts to ensure relevant requirements are considered and built into new systems and processes.
• Provide advisory services to the Risk management & Compliance functions on risk management and compliance improvement opportunities across business operations.
• Ensure prompt reporting of risk positions to the Head Internal Audit.
• Interpret and analyze reports/data/information to identify possible risk exposure.

Requirements

Experience & Qualifications

• Bachelor’s degree.
• 10–15 years in IT audit, risk, cybersecurity, and compliance.
• Background in audit firms or manufacturing/financial sectors is a plus.
• At least one relevant certification: CISA, CIA, CISSP, CISM, or CDPSE.

Technical Skills

• Solid knowledge of IIA standards and IT audit frameworks (e.g., COBIT, ITIL).
• Skilled in risk-based IT audits, internal controls, and data privacy compliance (NDPR, GDPR).
• Strong grasp of cybersecurity, including threat detection and incident response.
• Proficient in MS Excel, Power BI, or ACL for data analysis.
• Familiar with cloud platforms (AWS, Azure) and audit systems.
• Good command of MS Office tools.

Behavioral Attributes

• Team player who performs well under pressure and meets deadlines.
• Detail-oriented, discreet, and capable of handling multiple tasks.
• Strong communicator with the ability to engage across all levels.
• Self-driven and tactful with a proactive mindset.

Method of Application

Signup to view application details. Signup Now