Securebit Technologies
The objectives of the consultancy, as stated by its mandate, are to provide information and communication technology (ICT) services (including training) on an inter-organizational basis.
Main duties and responsibilities:
At the direction of the client/CEO and under the supervision of the CISO, the incumbent is responsible for the following:
· Governance: Support the consistent review of the:
o Decisions of the governing bodies
o Alignment between strategic and tactical plans
o Roles and responsibilities; and
o Performance indicators
· Risk Management: Support the periodic:
o Identification of threats and risk exposures
o Assessment and management of risks
o Monitoring of the implementation of corresponding mitigating controls
o Update of the risk registers
· Quality Management and Compliance Programmes:
o Design, implement, manage and improve quality and compliance programmes across all ICC offices
o Manage compliance and improve business processes and operations by supporting a programme of internal audits and external assessments against adopted standards (e.g. ISAE 3402, ISAE 3000, CobiT, ISO20000 etc.)
o Perform and/or manage internal reviews of Projects and Services against the industry standards adopted by the Centre (i.e., PRINCE II)
o Document and perform quality and compliance review and testing procedures
· Business Processes and Controls:
o Support the design, implementation, monitoring and continuous improvement of sound business processes across all client offices
o Conduct reviews and monitor compliance with approved business processes and control frameworks
o Using the Continuous Improvement Process, identify processes requiring improvement, coordinate prioritization and implementation of these improvements using appropriate tools and techniques
· Co-ordinate activities for fulfilling requirements of internal and external audits or assessments
· Prepare relevant reports for project Management and Board (Client Management Committee)
· Perform other duties as required.
Experience and Skills required:
Essential:
· Seven+ years of relevant experience in implementing, managing, reviewing and improving internal controls for governance, compliance and quality, IT audits, or assurance and risk management programmes
· Track record of performing internal or external audits (financial/operational/IT) in accordance with relevant professional standards (note: ISO audits alone do not fulfil this requirement)
· Demonstrated ability to work with and report to a governance board (i.e. audit committee or similar)
· Highly proficient in audit methodologies, especially but not limited to those applicable in IT environments
· Highly skilled in designing and implementing compliance and control frameworks including business process reengineering
· Experience in business process and control optimization, preferably within an IT organization
· Proficient in IT governance and quality standards
· Experience writing high-quality documentation and reports
· Excellent comprehension of internal controls requirements and implications, preferably in the United Nations’ context
· Demonstrated ability to work in multicultural and diverse environments
Desirable:
· Project management experience using a recognized standard (e.g. Prince2)
· Knowledge of IT service provision business models
· Knowledge of working practices within international organizations
· Good understanding of financial, accounting and legal risks
Education:
Essential:
· Master’s degree, or equivalent, in Business Management, Information Technology Management or a related field
· Certified Information Systems Auditor (CISA), CISSP or CISM, and/or Certified Internal Auditor (CIA)
Desirable:
· Postgraduate education in a related discipline
· IT governance and/or risk management certification
Languages:
· Expert knowledge of English is required