• Application Deadline: Tue, 29 Apr 2025 00:00:00 GMT
• Position: Information Technology Auditor



• Job Type Full Time



• Qualification BA/BSc/HND



• Experience 10 - 15 years



• Location Lagos




• Job Field ICT / Computer 
  
  

Job Description

• This role provides strategic oversight and governance of IT systems, data privacy, and compliance programs. It is responsible for ensuring regulatory compliance (NDPR, GDPR), aligning with industry standards (PCI-DSS, ISO 27001, NIST), and enhancing operational efficiency. The role proactively identifies and mitigates IT and data privacy risks, strengthens GRC frameworks, and delivers actionable recommendations to support a secure, resilient, and compliant technology environment

Audits:

• Conduct scheduled, ad-hoc, and focused IT and data privacy audits across all company locations in accordance with Internal Auditing Standards (IIA).


• Perform review of penetration testing, vulnerability scanning and security audits to uncover potential threats.


• Prepare audit working papers and audit files to quality standards within agreed timescales and deadlines


• Draft clear, data-driven audit reports and recommendations on vulnerabilities for review by the Head of Internal Audit


• Perform regular testing of IT applications, infrastructure, and data privacy controls (e.g. access management, encryption etc), identifying critical gaps during testing cycles.


• Collaborate with business units to integrate efficiency improvements into IT systems, achieving a measurable reduction in process downtime or errors.


• Identify and document process gaps or control weakness across IT and business operations.


• Monitor and report changes in IT risk profiles, contributing to GRC policy updates and ensuring up-to-date risk and compliance register quarterly.


• Conduct special reviews, spot checks, or investigations as assigned.


• Provide and seek constructive feedback during audits, achieving satisfaction rating in team and stakeholder feedback surveys.


• Follow-up responsible teams to implement the recommendations of internal auditors, consultants, and security analysis.


• Participate in IT projects and product development with the aim of identifying risks and recommending appropriate controls.


• Assess GRC frameworks, including IT governance policies, risk management processes, and compliance controls, identifying gaps and ensuring alignment with industry standards and regulations.

Quality Management and Improvement:

• Maintain a deep understanding of CapitalSage Holdings’ IT policies, data privacy protocols, and organizational culture, proactively identifying risks that could impact strategic objectives (e.g., zero undetected high-risk issues).


• Understanding of secure software development lifecycle (SDLC) methodologies and conducting social engineering assessments and phishing simulations.


• Assist in the promotion of an Internal Audit service that aims to meet/exceed stakeholder expectations.


• Participate in process improvement/redesign and system upgrade/implementation efforts to ensure relevant requirements are considered and built into new systems and processes.


• Provide advisory services to the Risk management & Compliance functions on risk management and compliance improvement opportunities across business operations.


• Ensure prompt reporting of risk positions to the Head Internal Audit.


• Interpret and analyze reports/data/information to identify possible risk exposure.

Requirements

Experience & Qualifications

• Bachelor’s degree.


• 10–15 years in IT audit, risk, cybersecurity, and compliance.


• Background in audit firms or manufacturing/financial sectors is a plus.


• At least one relevant certification: CISA, CIA, CISSP, CISM, or CDPSE.

Technical Skills

• Solid knowledge of IIA standards and IT audit frameworks (e.g., COBIT, ITIL).


• Skilled in risk-based IT audits, internal controls, and data privacy compliance (NDPR, GDPR).


• Strong grasp of cybersecurity, including threat detection and incident response.


• Proficient in MS Excel, Power BI, or ACL for data analysis.


• Familiar with cloud platforms (AWS, Azure) and audit systems.


• Good command of MS Office tools.

Behavioral Attributes

• Team player who performs well under pressure and meets deadlines.


• Detail-oriented, discreet, and capable of handling multiple tasks.


• Strong communicator with the ability to engage across all levels.


• Self-driven and tactful with a proactive mindset.