Senior Information System Auditor

The Senior Information System Auditor will independently plan and execute complex IT audits across infrastructure, applications, cybersecurity, and emerging technologies. This role requires strong IT audit capabilities and a solid foundation in cybersecurity to assess and enhance the organization’s IT risk posture. \n\n### Key Responsibilities\n* Lead and deliver IT audits covering IT General Controls (ITGCs), application controls, cybersecurity controls, and IT operations.\n* Assess compliance with the Kenya Data Protection Act (2019), Insurance Regulatory Authority ICT Guidelines, and other relevant legal or regulatory frameworks.\n* Perform independent pre- and post-implementation reviews for major IT projects and system changes.\n* Audit third-party service providers, outsourced IT services, and cloud-based environments, with emphasis on cybersecurity, data protection, and regulatory compliance.\n* Lead the development of the IT audit risk universe and contribute to the annual audit plan.\n* Identify and assess IT and cybersecurity risks, and recommend practical improvements aligned to frameworks such as COBIT, NIST, ISO 27001, and ITIL.\n* Stay informed on emerging IT risks, regulatory developments, and technology trends.\n* Prepare and present high-quality audit reports, including findings and actionable recommendations, to senior management and governance bodies.\n\n### Requirements\n* Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field.\n* 6–8 years of experience in IT auditing or a combination of IT audit and technical roles.\n* Mandatory: Hands-on experience performing cybersecurity audits, including assessment of security controls, policies, and governance practices.\n* Mandatory Certification: CISA.\n* Mandatory Cybersecurity Certification: One of CISSP, CISM, or CRISC.\n* Active membership in professional bodies such as ISACA or IIA.\n\n### Skills and Competencies\n* In-depth knowledge of ITGCs, cybersecurity frameworks, and application/cloud environments.\n* Familiarity with COBIT, NIST Cybersecurity Framework, ISO 27001, and COSO.\n* Strong verbal and written communication skills, especially in reporting audit findings to non-technical audiences.\n* Proven ability to independently lead audits and coach junior auditors.\n* Experience auditing or working with cloud platforms.\n* Familiarity with using data analytics tools in audit engagements.\n\n### How to Apply\nTo apply, send your Curriculum vitae (CV) and cover letter to recruitment@kenindia.com and quote the job title on the subject of the e-mail by 25th February 2026 at 5:00pm.