Entrepreneurs Financial Centre (EFC)
EFC ZAMBIA: INFORMATION SYSTEMS AUDITOR
1. Position Title : Information Systems Auditor
2. Date : 1st April 2024
3. Department : Audit
4. Job Grade : EFC 4
5. Reporting Officer : Head Internal Auditor
6. Job Summary
The Information Systems Auditor will be responsible for ensuring that EFC’s IT system adheres to
security, regulatory, and compliance standards. He/she will also be responsible for performing on-site
audits of IT and any other business systems, identifying possible vulnerabilities, and preparing audit
reports based on the findings.
7. Essential Duties and Responsibilities
i. Manage the resource planning and requirements for Information Technology Audit
assignments, special assignments, and management requests.
ii. Lead and coordinate investigations for security incidents, breaches, and data leaks promptly.
iii. Enforce information security policies, standards, and procedures to ensure compliance with
industry regulations and internal guidelines.
iv. Coordinate regular IT risk assessments to identify potential vulnerabilities and threats to EFC’s
information systems. Develop mitigation strategies and action plans.
v. Educate EFC employees about security best practices and conduct training sessions to enhance
the overall security awareness within the organization.
vi. Enforce the implementation and maintenance of security technologies, including firewalls,
intrusion detection systems, antivirus software, and access control mechanisms.
vii. Evaluate and monitor third-party vendors’ security practices and ensure that they comply with
the EFCs security requirements.
viii. Maintain security metrics and reporting mechanisms to measure the effectiveness of security
controls and identify areas for improvement.
ix. Develop Audit programs and ensure the appropriate testing mechanisms are developed.
x. Communicate the results, findings, and recommendations of audit projects through written
reports and face-to-face presentations on a timely basis to the Management.
xi. Maintain professional ethical standards and ensure internal audit activities are carried out in
compliance with The International Standards for the Professional Practice of Internal
Auditing (Standards) and IIA Code of Ethics
xii. Support the Head of Audit in coordinating with the External Auditors.
xiii. Report on an ad-hoc basis on specific projects as and when necessary.
xiv. Access Management lead: Ensure timely user deactivation on all platforms.
xv. In charge of the management of all security monitoring tools, reporting on all potential threats
and providing recommendations for resolving incidences.
xvi. Follow up on the implementation of audit recommendations promptly.
9. Qualifications
i. Grade 12 certificate
ii. BSC in Computer Science or related field.
iii. ITIL Foundation/COBIT 5 Foundations.
iv. CISA, CRISC, CISM, and CGEIT (advantageous).
v. 2-3 years’ experience in Information Security Operations and/or Governance, Risk and
Compliance coupled with exposure to implementing frameworks such as ISO 27001 and NIST
and/or;
vi. 2-3 years of Corporate/IT Governance, Risk and Compliance and/or;
vii. 2-3 years of IT Auditing
Entrepreneurs Financial Centre (EFC) is a leading Microfinance Institution, licensed and regulated by the Bank of Zambia. For over 29 years now, we have served and empowered entrepreneurs with tailor-made financial solutions to help them take the next step in their business.
OUR CORE VALUES
Our Core Values of Purpose, Accountability, Service, Stewardship, Integrity, Ownership, Novelty (PASSION) were carefully selected to reflect our passion and what we stand for as an organisation. These values underpin our Vision and Mission, and guide all our business activities, actions, and behaviours. All our business decisions are based on these values.
OUR CULTURE AND OUR WORK ENVIRONMENT
We are passionate about our business, the people behind our success, and our clients. We are a performance-driven and result-oriented organisation. Our culture of open communication and trust propels us to deliver strong results year in, year out. Our work environment is fast-paced and of high intensity, yet highly empowering and highly collaborative. We stretch and challenge every colleague to perform at their highest level and to the best standards and quality. Our reward and remuneration system strongly reflects the premium we place on high performance, and on attracting, developing, and retaining high performing talent.
OUR PHILOSOPHY ON PEOPLE
We are passionate about our people. In everything we do, we start with our people who take care of our clients, who in turn help us deliver sustainable returns for our shareholders. Therefore, we are intent on investing heavily in, and providing a thrilling and best possible career experience for our people. We want our workplace environment and culture to feel like a second home for our people. An environment where our people know each other. An environment where our people know our Clients and our Clients know our people.
THE ROLE AND THE CANDIDATE
We are currently looking for a highly qualified individual to fill the position of Information Systems Auditor. The individual will be responsible for advising, planning, directing, and supervising information systems audit work.
The ideal candidate must have a strong background in information security, and must have expertise in IT security systems, policies, and procedures. He or she should also possess excellent analytical and problem-solving skills, with the ability to identify information security risks and vulnerabilities and develop effective strategies to mitigate them.
In addition to technical skills, this position requires someone with strong strategic thinking skills and a high level of self-motivation. The Information Systems Auditor will be responsible for enforcing the implementation of information security policies and procedures, as well as providing guidance and training to other employees.
Are you interested in adding value to our business? Do you have attributes (skills, knowledge, experience, attitude, character) that squarely match our values, culture and philosophy described above? Will you cope and thrive in a highly demanding yet empowering and rewarding environment? If yes, we invite you to join our team as the Information Systems Auditor, based at our Head Office in Lusaka and reporting to the Head of Internal Audit.
You may send your application, including copies of academic & professional qualifications and three professional references via e-mail to joinourteam@efczambia.com.zm. The closing date for receiving applications is Friday, 12th April 2024.
Please access and review the detailed role profile on our website www.efczambia.com.zm as well as the EFC Zambia Facebook and LinkedIn pages.
EFC
Call 8899 [Toll Free Line]
Visit: www.efczambia.com.zm