| Item | Details |
|---|---|
| About this job | Our Risk Assurance Service(RAS) professionals combine deep Information Technology and Corporate Governance expertise with leadingtechnologies to help our clients improve their understanding of and responses to existing and emerging risks. OurRAS practice brings together specialist disciplines to give our clients the insight, foresight, and independent advicethey need to build and safeguard the value of their businesses. The teams help transform the way our clientsperceive - and navigate - risks, so that they can stay at the forefront of change. |
| Reports to | |
| Role location | Uganda |
| Role purpose and context | |
| Key responsibilities | • As a Manager, you will plan and lead the delivery of various IT risk and cyber security related projects covering in summary: ? Understanding and documenting client’s key business processes, underlying business applications and IT controls designed, implemented and operated to address IT risks. ? Performing risk assessment including classifying identified risk based on likelihood of occurrence/ magnitude and prioritizing the same ? Reviewing client’s IT policies and procedures against industry best practices and standards (ISO 27001/27002, COBIT 5, ISF’s SoGP, PCI DSS). ? Reviewing the client’s IT governance structure for compliance with standards and best practices including IT/ digital strategies, IT steering committee efficiency and effectiveness, IT value and delivery practices, IT risk management, IT organizational structures, IT staff competencies etc. ? Providing continuous and point in time quality assurance and project management services for various client system implementations, throughout the project lifespan (covering business requirement gathering, vendor and system selection, system design, construct and/or customization, testing (functional and nonfunctional), data migration, cutoff/ go live, post implementation). ? Performing ERP (SAP, Oracle, JDE and Navision) and core banking system (Flexcube, Finacle, BASIS, T24) control reviews. ? Performing information security reviews including IT general controls review (identify and access management, IT change management, data backup and recoverability, IT incident and problem management), application-level controls reviews (access rights and segregation of duties controls, automated controls, interfaces, system reports testing, etc.) on various tiers of applications including core banking systems and billing systems; network security reviews, operating system security reviews, database security reviews etc. ? Performing data analysis for data integrity tests and data analytics for revenue assurance using queries (SQL and Python) and computer-aided audit tools (ACL and Alteryx). ? Testing of system-driven financial statement balances for accuracy, completeness, occurrences and cut- off financial assertions. ? Performing IT value-for-money (VFM) audits. ? Performing reviews of disaster recovery and business continuity policies, programmes and practices against best practices and standards (ISO 22301). ? Performing IT vulnerability assessments and penetrating testing on web, mobile applications and networks. ? Performing cyber security maturity assessments. • Be part of a team that performs other Risk Assurance related services including corporate governance reviews, enterprise risk management related work, internal audits, third party assurance services etc. as would be advised by the business unit leader. • Build client relationships through engagements based on trust, identifying opportunities to help clients resolve their challenges, and supporting the engagement sales process. • Collaborate with colleagues across different competences within the firm. • Manage staff competency development, engagement resourcing and performance evaluation to promote highly motivated and inspired teams responsible for delivering digital trust and cybersecurity/ privacy assignments. |
| Qualifications |
|
| Experience | 5+ years of relevant experience and good understanding of regulatory requirements relating to IT auditing and governance, enterprise risk management and internal audit. |
| Personal attributes | • Strong time management skills, including flexibility to work with shifting priorities and client needs. • Project management and analytical skills. • Client relationship-building and management skills • Strong verbal, presentation and report writing skills • Leadership qualities • Strong project management, analytical skills and organisational abilities • Awareness of current / emerging market trends and issues • Ability to follow formal methodologies and apply risk and quality standards • Excellent verbal skills and report writing capabilities • Team player |
| Terms of appointment | |
| Application Start | 2024-03-27 |
| Application End | 2025-03-27 |
| Applicatoin link or email | https://pwc.wd3.myworkdayjobs.com/Global_Experienced_Careers/job/Kampala/Risk-Assurance-Services-Manager_508731WD |
| Attachment path | View Document |
| Back |