About the Organization:

VisionFund Micro Finance Institution (S.C) is an Institution established according to proclamation No. 40/96 to provide financial services to the productive poor in the rural and urban areas of Ethiopia. VisionFund is currently operating in five of the Regional States of the country. VisionFund MFI is currently looking for candidates for the position of IT and System Audit Division Manager. The successful candidates will have skills and experience that meet the following requirements:

Job Summary

The primary objective of the job is to perform advanced level and/or managerial, professional information technology auditing work, assisting the developer, the strategic and annual IT Audit plan and providing ongoing training, coaching and supervision IT Audit staff and ensure whether IT Audit activities are carried out in compliance with IT Audit standards for the professional practice IT auditing. Maintains organizational and professional ethical standards set on the Internal Audit charter and code of conduct.

Duties and Responsibilities

• Leading, managing and developing an effective IT audit team plan.

• Provide overall  direction

• Establish and assign IT Audit  teams to specific engagements

• Review and approve the audit program

• Review Internal assessment of compliance for standards like PCI DSS & ISO series 

• Review audit reports produced by the audit teams and provide comment for further improvement.

• Manages the audit staff in conducting interviews, reviewing documents developing and administrating surveys ,preparing audit program and working papers

• Prepare quarterly progress report that discuss on significant audit findings, rectification status and other issues and submit to Chief Internal Auditor

• Assists in communicating the results of audit and consulting engagement via written reports and oral presentations on a timely bases of to the bear of management/audit committee and president/process council

• Develop and maintains productive team oriented auditee, staff, management and board relationships through individual contact and group meeting

• Peruses professional development opportunities, including internal and external training and professional association membership and shares information’s gained with co-workers

• Represent IT auditing   on organizational project teams, at management and board meetings and with external organizations

• Forward proposal to Chief Internal Auditor with regard to the recruitment, selection, training and evaluating of audit staff

• Manage the identification and evaluation of the organization’s audit risk and provide significant input to the development of risk based strategic and annual IT Audit  plan

• Assist the Chief Internal Auditor in managing IT Audit staffs and in planning, organizing, directing and monitoring of IT Audit operations including assisting in hiring, training and evaluating staffs and taking effective action to address performance matters.

• Manage the performance of IT Audit procedures including identifying and defining and analyzing evidence and documenting IT Audit process and procedures.

• Motivates, develops and manages performance of IT auditors and team leaders

• Managing and monitoring programmed audit assignments effectively and efficiently

• Producing audit reports to meet the required standard for reporting to senior management

• Developing expertise in, and advice on, specific aspects of the business coordinates communication & interaction with regulatory agencies, external consultants, & other interested parties.

• Development, implementation and communication of Chief Internal Audit’s mission, goals and strategies.

• Build and maintain effective relationships with Internal Audit, IS and business personnel.

• Oversees a staff of IT auditors responsible for auditing information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security.

• Evaluates Core Banking, IT infrastructure and processes in terms of risk to the organization and establishes controls to mitigate loss

• Determines and recommends improvements in current risk management controls and the implementation of system changes or upgrades   

• Planning and scoping audit assignments effectively, allocating audit resources, defining deadlines and ensuring a comprehensive and appropriate term of reference is set for each review.

Job Requirements

•   BSc Degree in Computer Science, Information Science, Management Information Systems, Electrical and Computer Engineering or Information Technology related fields.

• CISA (Certified Information System Auditor) or CCNP Security is advantageous. Preferred additional qualifications are CISSP (Certified Information System Security Professional), Cisco Certified Internetwork Expert (CCIE) Security, or Certified Ethical Hacking (CEH).

•   A minimum of 7/9 years of work experience for BSc/MSc, out of which 2 years as IT and System Auditor. 

•   Extensive knowledge and skill in applying internal auditing and ICT principles and practices, and management principles & preferred business practices;

•   Knowledge of information systems audit or investigation; 

•   Considerable knowledge of internal audit standards, IT Audit practices and code of Ethics.

•   Knowledge on international best practices in IS security and  IS Auditing;

•   Knowledge of contemporary risk management and control techniques and working knowledge of  contemporary control frameworks

•   Ability to develop and implement audit strategies and programs 

•   Knowledge of management , ICT concepts and practices 

•   Familiarity with common indicators of fraud, attack, hacking and any security breach indicators

•   Ability to deal with a dynamic operational environment and work within timelines.

•   Ability to work and effectively prioritize in a highly dynamic decentralized work environment;

•   Ability to promote the ICT audit activity within the institution

•   Keeping up-to-date  with professional changes in opinions, standards and regulations

•   Experience of IT auditing    techniques, disaster recovery planning and testing, IT risk analysis, business resumption and contingency planning

•   Strategic Thinking & Execution

•   A Strong Drive for Results

How to Apply

Submit your application letter, updated curriculum vitae with names and addresses of up to 3 references and non-returnable copies of credentials via email: VFE_Vacancy@wvi.org or in person to VF MFI SC Head Office located Gerji Mebrat Haile infront of Mulmul Dabo or P.O.Box 31478

               Women applicants are highly encouraged to apply!

Note: -   Only short listed candidates will be contacted for subsequent assessment