Officer - IT Internal Audit

We are seeking a skilled IT Internal Auditor with a solid foundation in auditing IT systems, infrastructure, and security controls. The successful candidate will be responsible for assessing the effectiveness of IT internal controls across ZainCash’s technology environment. This role requires close collaboration with IT and business units to ensure compliance with relevant regulatory requirements and best practices, while identifying opportunities to strengthen the security, resilience, and efficiency of the organization’s IT operations.

• Apply internal audit standards and IT audit best practices to ensure audit quality and compliance.
• Participate in the identification and evaluation of IT-related risks across various systems and processes.
• Contribute to the development of Risk and Control Matrices (RCM) and audit programs tailored to IT operations.
• Document and maintain audit working papers and templates throughout different audit phases for review and approval.
• Conduct data analysis to evaluate the effectiveness and efficiency of IT internal controls and recommend risk mitigation measures.
• Perform detailed fieldwork to audit financial and operational processes, including system access, change management, data security, and IT governance.
• Examine internal controls, collect and analyze evidence, and ensure compliance with relevant standards and regulations.
• Prepare and present comprehensive IT audit reports with actionable recommendations.
• Follow up on the implementation of audit recommendations and report on their status.
• Support in the development of a risk-based IT audit plan.

• Bachelor’s degree in information technology, Computer Science, Computer Engineering, Information Systems, or a related field.
• Solid understanding of IT infrastructure, including servers, networks, systems, databases and operations.
• Proficiency in data analytics tools and techniques; ability to analyze complex systems and datasets.
• Experience with database tools such as SQL Server and Oracle, and understanding of database integrity and security.
• Basic knowledge of cybersecurity principles, including encryption, firewalls, access control, and threat detection.
• Basic knowledge of relevant regulatory, IT professional standards and compliance requirements (including ISO 27001, ISO 22301, PCI-DSS, ISO 20000-1 and COBIT 2019).
• Excellent written and verbal communication skills, with the ability to prepare clear and concise audit reports.
• Analytical thinking and attention to detail.