All open roles
Open role

Audit Senior Associate

NCBA Group · Nairobi

NCBA GroupNairobiPosted 22 June 2026Apply by 22 July 2026

Job Purpose Statement

The purpose of this role is to provide assurance on the Group’s information systems with respect to information technology security, functions/ processes and the technology applications that support business functions and ensure appropriate security controls are in place to protect the Group’s assets from ICT related risks.

To role holder will conduct independent reviews on compliance with the Group’s ICT and Information Security policies and procedures, assess adequacy of internal control systems, regulatory requirements observed and highlight exceptions or violations.

Key Accountabilities (Duties and Responsibilities)

Audit Planning 10%

Assist in the formulation and implementation of the Information and Communication Technology audit strategy, as well as to evaluate the standards of risk management, accuracy of the records, procedures and control activities throughout the banks ICT structures

Assess and advice on risk management, internal control systems and including review of the suitability and reliability of management information systems.

Audit Management & Execution 60%

Develop audit tests of assigned assurance and advisory services based on the annual risk based internal audit plan focusing on the key critical risk areas

Execute IS audits and participate in audits of the bank’s subsidiaries, departments, branches and processes as per the audit plans and in accordance with policies, procedures and best practice

Design and execute audit programs or work programs for assigned assurance and advisory services by interview, observation, review processes, data analysis review and testing of the control area

Develop and issue concise draft reports that present findings, recommendations and management response

Prepare summary of audit results and draft audit reports summarizing the audit findings and recommendations, and work with IT management and IT risk in developing action plans.

Follow-up on audit recommendations and actions taken ensuring that they are addressed and appropriate management

Internal business processes 10%

Review procedures and records to ensure they are in line with the Bank’s ICT strategy and objectives.  Appraise policies and plans of activities for all departmental systems in use to ensure these are complementing the ICT strategy.

Liaise with external auditors and other regulatory monitoring agencies and implement recommendations to Information systems controls and security so as to promote growth and ensure compliance with the regulatory framework.

Provide consultancy services to project teams on IT risk, system controls and best practices.

Participate in the bank’s Information Risk forums and provide insights on emerging risk.

Customer 10%

Create a cordial and professional working environment for all staff to enhance individual performance and productivity.

Develop with the assistance of the Head of Audit the annual IS audit team performance objectives, standards and targets

Identify development and training needs and develop plans to satisfy areas identified

Learning and growth 10%

Continuously improve knowledge and learning to ensure conversant with current standards and practices within the profession.

Enhance practice and display of professionalism in conduct of work and day to day activities.

Adherence to professional standards and code of ethics at all times.

Enhance knowledge skills and other competences through continuing personal development.

Job Specifications

Academic:

A University graduate, preferably in Information Systems Management (Computer Science), Business Administration or related fields

Professional:

Qualified Certified Information Systems Auditor with relevant experience in information security knowledge areas, such as Information Systems Audit, Information Security Management and Ethical Hacking.

CIA, CISM, and CISP an added advantage

Qualifications in data analysis and CAATs would be an added advantage

Desired work experience:

At least 4 years of information system audit experience, preferably in the financial services industry.

go to method of application »

Minimum qualifications

BA/BSc/HND

Requirements

Use the link(s) below to apply on company website.

Information Systems Auditor

Audit Senior Associate

https://www.myjobmag.co.ke/apply-now/1258734

Let RezSync handle this application.

Sign up, upload your resume, and RezSync tailors your documents to roles like this one and applies for you — with a full log and a pause switch you own.

Audit Senior Associate at NCBA Group — Nairobi | RezSync Jobs Board