Citibank N.A. Kenya has been operating in Kenya since 1974 and has two branches in Nairobi and Mombasa, serving Corporate and Institutional clients. Citibank Kenya is the regional hub for the Citi East Africa cluster, which covers Kenya, Uganda, Tanzania and Zambia. It's the only solely corporate bank in Kenya. Businesses Citi Kenya is structured around business segments, product groups, operations and technology and staff units. The business segment that caters to our diverse customer base is our Institutional Clients Group, which includes the global relationship banking services we provide for top-tier local corporate clients. As a part of our business focus and broader market reach, in 1999 we expanded our target market to cater to the emerging and vibrant middle and lower market tiers. We also have a financial institutions group that is responsible for our businesses with other banks, insurance companies and other non-banking financial institutions. We offer a range of banking services to companies, including commercial finance, inter-bank transactions, investment services, deposits, cash management and electronic banking. We assist our customers with managing their finances to increase the value of their investments and finance their projects. Citi Kenya also provides global transaction services, treasury and corporate finance services. Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients. We have 200 years of experience helping our clients meet the world's toughest challenges and embrace its greatest opportunities. We are Citi, the global bank - an institution connecting millions of people across hundreds of countries and cities.Job Overview The Technology Senior Auditor participates in the timely delivery of high quality, value-added assurance and audit reports for a portfolio of business activities. The suitable candidate should possess relevant knowledge and skills required for auditing one or more areas covering Applications, Infrastructure, Information / Cyber Security, Continuity of Business, and Third Parties including IT Governance and the ITIL-based IT General Controls processes. Exposure to the Kenya Banking Sector regulatory requirements relating to these areas, a good understanding of risk and controls and performing risk assessments of these functions is also essential. Responsibilities Understand and grasp the audit methodology, corporate standards, and internal control processes and use this knowledge to execute audit reviews. Participate in technology audits by identifying key risks and controls, develop and execute control assessment plans, draft control issues and present them to the technology management, discussing practical solutions. Execute audit assignments through effective collaboration with other audit teams within budgeted timelines and costs. Monitor the risk and control environment of the Technology and Cybersecurity operations including emerging risks by interacting with management and providing feedback through the Business Monitoring process. Assess impact of applicable regulations to the technology processes and adequacy of controls for compliance. Develop and maintain effective line management relationships for a no-surprises approach. Assess appropriateness and sustainability of pragmatic solutions for risk mitigation. Deliver the audit work assigned to a high quality in accordance with the requirements of the Quality Assurance scorecard/ IA methodologyActively contribute to the automated auditing initiative for efficient and continuous control monitoring Contribute to various corporate strategic initiatives by active participation and proactive stakeholder engagement. Improve technical knowledge through self-learning and training including mandatory Continuous Professional Development As a successful candidate, you’d ideally have the following skills and exposure: Qualifications and Competencies: University Degree (preferably IT related such as Computer Science, Information Technology) At least 5 years of experience of auditing or managing IT infrastructure systems or applications in a medium to large scale environment, preferably in Banking and Finance field, with strong understanding of related IT risks, controls, and regulations. Specific areas of experience should include cyber risks and controls within the ICT systems and related third-party connections, cybersecurity framework, understanding of threat and vulnerability assessment tests, and penetration tests. Additionally, experience should include Desktop and Server technologies including virtualization and Cloud operations, Databases, Middleware, data and voice networks, Software Development and Production Support practices, Cybersecurity management, and the ITIL general controls processes including IT Governance and IT Program/Project Management. Demonstrated analytical ability to understand IT control issues and related risks and controls, to identify root cause and recommending solutions. Strong written and verbal communications skills in English with ability to clearly articulate issues and facilitate identification and implementation of solutions. Preferred with relevant professional qualifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP). Preferred experience in designing or using Computer Assisted Audit Tools and Techniques (CAATTs) Working knowledge of the modern banking technology systems. Good project management and interpersonal skills