Deputy Director, Risk Assurance at Communications Authority of Kenya

Job Description (adsbygoogle = window.adsbygoogle || []).push({}); The Communications Authority of Kenya is the regulatory authority for the communications sector in Kenya. Established in by the Kenya Information and Communications Act, , the Authority is responsible for facilitating the development of the Information and Communications sectors including; broadcasting, multimedia, telecommunications, electronic commerce, postal and courier services.Ref. DD/RA/Responsibilities Under the supervision of the Director, Internal Audit and Risk Assurance, the Deputy Director,Risk Assurance is responsible for providing independent, objective assurance and consulting activity aimed at adding value and improving the operations of the Authority. The Auditor will also evaluate and improve the effectiveness of risk management, control and governance processes. This role requires expertise in risk management, internal controls, and governanceprocesses.Advise the Authority on the effectiveness of enterprise risk management strategy and frameworks.Identify, assess, and prioritize risks across the organization, considering both internal and external factors.Review risk exposure, identify emerging risks, and recommend appropriate risk mitigation measures.Assessment of controls over critical IT systems, network and physical components, and IT infrastructure supporting relevant business processes.Review of security and data privacy compliance – (information leakage prevention, security of changes, biometrics and identity management).Review and advise on the effectiveness of internal control systems to ensure compliance with applicable laws, regulations, and internal policies.Perform data analytics in support of the internal audit function.Provide recommendations to Management on matters relating to efficiency, effectiveness, and value-for-money audits.Review and advise on business continuity management, backup plan and disaster recovery plans for resilience.Carry out special audits and investigations on areas of potential for fraud and report to management and or the Board.Stay updated on regulatory requirements, industry trends, and emerging risks relevant to the communications sector including carrying out research and benchmarking on audit and emerging technologies.Participate in the maintenance and documentation of standards, policies and practices.Perform review of information systems under development and enhance the current systems. Qualifications: Bachelor’s degree in information technology /Computer Science, Business Information Technology or any other relevant field. Master’s degree is preferred.Be a Member of the Information Systems Audit Control Association (ISACA) and Institute of Internal auditors (IIA) in good standing.Professional certification in Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or Certified in Risk and Information Systems Control (CRISC), is highly desirable.A minimum of 10 years of relevant work experience, with at least three years in a supervisory role.Fulfill the requirements of Chapter Six of the Constitution