Senior Internal Auditor - Technology & Operations

JOB SUMMARY: To provide strong support to the Senior Manager, Internal Audit through leading or performing assigned risked-based Information Technology and Operational audits.

The incumbent also performs Risk Assurance activities, Special/fraud reviews/ investigations, Compliance testing of cybersecurity & information security vulnerability assessments and consulting engagements across the Company and its Subsidiaries.The responsibility also includes utilizing established governance, risk management, auditing and accounting framework/standards and a multi-disciplinary skillset in the completion of audits/ reviews of the company’s numerous policies, expansive IT infrastructure and other business processes.

KEY FUNCTIONS

Annual Audit Planning

• Contribute to the development of Internal Audit's Annual Plan by providing insights and inputs into the annual planning process based on enterprise risk assessments, knowledge of the business and past audit results.

Cybersecurity and/or Information Security Engagements

• Identify and assess various risks primarily focusing on cybersecurity and information security by performing Network Security reviews, Application Security reviews, Cloud security assessments, Endpoint security reviews, Identity and Access Management reviews, Security Information & Event management reviews, reviewing IT's programs on prevention, detection, mitigation, investigation and monitoring of threats and conducting any other procedural or technical reviews in support of the IT infrastructure.

Other Assurance Engagements

• Increase the organization's likelihood of achieving strategic objectives by providing the Board and Executive Management with independent assurance of the effectiveness of the Company's Governance, Risk Management and Control processes across all LOBs of the Company in accordance with established international Internal Audit standards and department's methodology.

Internal controls, ethical culture and cybersecurity/ information security awareness

• Improve the organization as well as reduce opportunities for wastage, fraud and inefficiencies by conducting and reporting on Assigned Audits, Special Requests, fraud/ whistleblower investigations in accordance with Company policy, and reporting, counselling and advising on internal control issues to the Senior Manager, Internal Audit, Chief Internal Auditor and Executive Management.

Communicating Results

• Recommend business improvements by preparing value-added audit reports that highlight cost savings and revenue generating opportunities as well as areas for improved business effectiveness and efficiency.

Monitor Implementation

• Provide assurance to the Senior Manager Internal Audit that audit recommendations are effectively implemented by performing ongoing follow-ups with management on the status of audit recommendations; and by driving the implementation of recommendations and providing timely status updates to the Senior Manager, Internal Audit and the Chief Internal Auditor.

Consulting Engagements

• Increase the likelihood of achieving project/committee deliverables by providing advice to Executive Management on governance, risk and control systems necessary for the success of key organizational initiatives, projects and committees and promoting integration amongst various LOBs/departments/projects, thereby reducing organizational silos.

External Audit Direct Assistance

• Assist with reducing External Audit fees by performing Audit procedures on behalf of the External Auditor in the completion of TSTT's annual financial audit via direct external audit assistance.

Other

• Improve individual competency and ethical behaviour of company staff and the overall control and compliance culture by executing training & Awareness sessions in the areas of Audit, Cybersecurity, Fraud, Ethics, Governance etc. and continuously promoting company ethics and good governance.
  • Ensure that all work is done in accordance with established safety practices and procedures.
  • Perform such other related duties as may be assigned by the Chief Internal Auditor and/or the Senior Manager, Internal Audit.

Education:

•  One or a combination of the following:
  • A BSc. in Computer Science, Information Technology, Networking, Cybersecurity or other relevant discipline
  • Certified Information Systems Security Professional {CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • Certified ISO 27001/2 Lead Auditor
  • Certified Information Systems Auditor {CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified in the Governance of Enterprise IT {CGEIT)

Experience:

• A minimum of five (5) years’ progressive and diverse work experience in the field of IT Auditing, Information Security, Cybersecurity or an IT related field.
• Working Knowledge of any of the following Information security/ cyber security frameworks:
  • National Institute of Standards and Technology {NIST)
  • International Standards Organization {ISO) 27001 & 27002
  • COBIT Framework
  • Center for Internet Security (CIS)
  • Information Technology Infrastructure Library {ITIL)
  • Any other Information Security/ cyber security framework
  • The ability to:
    • Perform data interrogation and analytics.
    • Complete audit work utilizing Internal Audit and Risk Management Software applications.
    • Interrogate Enterprise and Billing Applications.
    • Proficiently use Microsoft Office suite.

PERSONAL ATTRIBUTES:

• Attention to detail.
• High energy and results-oriented.
• Ethical, Demonstrates Integrity & Confidentiality.
• Sound independent judgment.
• Strong team player who can incorporate input from others and can generate consensus through inclusion.
• Good organizational skills and ability to meet tight deadlines in an environment of competing priorities.

FUNCTIONAL COMPETENCIES:

Professional Ethics: Uploads and promotes the IIA’s Code of Ethics and the corporate standards and values of TSTT.

Critical Thinking: Applies process analysis and evaluation, business intelligence and problem-solving techniques to form justified conclusions and propose tactics for business process improvement.

Governance Risk and Controls: Assess organizational frameworks for governance and enterprise risk management and ensure that internal control activities are balanced with organizational objectives and capabilities.

Audit Standards and Delivery: Applies the relevant Cybersecurity/Information Security Framework International Professional Practices Framework (IPPF) to effectively deliver internal audit engagements.

Expert Knowledge: Possesses advanced technical knowledge in the key disciples of Technology. A constant focus on efforts to improve performance, quality and efficiency of work.

Problem Solving and Decision Making: Use critical thinking to evaluate problems, gather information, understand causes, and identify the best workable solutions. Invests time in planning, discovery, and reflection to drive better decisions and more efficient implementations.

CORE AND LEADERSHIP COMPETENCIES:

Organisational Awareness: Contributes to the organisation by understanding and aligning actions with the organisation's goals, core functions, needs, and values. Contributes to the organisation by actively demonstrating the alignment of activities with the organisation strategies, key initiatives, core functions, needs, and values and supporting others to do the same.

Customer Focus: Prioritises and takes action on the needs of both internal and external customers. Designs and delivers products and services with the customer experience top of mind.

Planning and Results Orientation: Invests time in upfront planning to achieve organisational goals and objectives while meeting quality standards, following the appropriate processes, and continuously assessing results.

Creativity and Innovation: Thinks beyond the confines of traditional models to recognise opportunities and find new and better ways of doing things to be and remain an agile broadband provider. Encourages experimentation and accepts failure as a driver of innovation.

Communication: Effectively and appropriately interacts with others to build relationships, influence others, and facilitate sharing ideas and information. Uses tact and diplomacy to navigate demanding situations. Relays key messages by creating a compelling story targeted to specific audiences.

Strategic Leadership and Execution: Applies vision to think beyond the immediate situation and explore multiple potential paths. Invests time in planning, discovery, and reflection to better drive decisions and more efficient implementation. Ensures that business goals are met by executing, monitoring, and adjusting the organisational action plan.

Relationship Building: Establish and maintain positive working relationships with others, both internally and externally, to achieve the goals of the organization.

People Leadership: Inspires, motivates, and empowers people to achieve organisational goals. Coaches, mentors, and manages employee experience, and employee performance, through mindful preparation. Creates space for others to lead.

Managing Through Change and Uncertainty: Adjusts thinking and behaviour to resiliently face change and uses experience to fuel growth. Embraces failure as a learning opportunity for themselves and others. Enables the process of change and transition while helping others deal with the effects of change.

Deadline date for applications: Saturday 1st November 2025