IT Auditor

Department: Internal Audit

Location: FINCA Head Office, Dar es Salaam

Validity period: 11/06/2025 – 18/06/2025

The IT Auditor will assess and ensure the effectiveness of our IT systems, controls, and security protocols, with a focus on aligning them to both internal policies and Tanzanian regulatory standards. This role is crucial in identifying, mitigating, and reporting on risks related to technology infrastructure and ensuring the bank’s compliance with local and international regulations.

•Evaluate the bank’s IT systems, infrastructure, and applications for security, performance, and compliance with both local regulations and international
•Conducting other non- IT related audits in the banking environment.
•Identify and assess IT-related risks, including digital, cybersecurity threats, fraud, and operational risks
•Ensure adherence to Tanzanian regulations, including those set by the Bank of Tanzania (BoT), Tanzania Communication Regulatory Authority (TCRA), and international standards such as ISO 27001, SOX, and others.
•Assess the bank’s internal IT controls and recommend improvements to mitigate risks.
•Plan and execute audits, including risk assessments and testing of IT controls, systems, and processes.
•Prepare detailed audit reports with findings, highlighting vulnerabilities, weaknesses, and suggesting actionable recommendations to senior management.
•Work closely with IT teams, senior management, and external auditors to implement recommendations, resolve audit findings, and improve IT processes.
•Monitor the implementation of corrective actions and ensure compliance with audit recommendations.
•Stay up to date with evolving IT trends, cyber threats, Tanzanian regulations, and global best practices in IT auditing

Education: A bachelor’s degree in information technology, Computer Science, or related field. A master’s degree or professional certification in IT auditing is an added advantage.
Certifications:
Certified Information Systems Auditor (CISA) – preferred,Certified Information Security Manager (CISM), Certified Internal Auditor (CIA), Certified Information Security Specialist (CISSP) or Certified in Risk and Information Systems Control (CRISC) are a plus.

•A minimum of 3-5 years of IT auditing experience, preferably within the Tanzanian banking or financial services industry.
•Solid understanding of local regulations set by the Bank of Tanzania (BoT), Tanzania Communications Regulatory Authority (TCRA), and others.
•Experience in auditing complex IT systems, including core banking platforms, payment systems, and digital banking services.
•Knowledge of financial services regulations such as Anti-Money Laundering (AML), Know Your Customer (KYC), and Data Privacy regulations

•Experience with mobile banking platforms and digital banking technologies used in Tanzania.
•Knowledge of cloud-based technologies and associated audit methodologies.
•Exposure to Digital, Blockchain, Fintech, and Cybersecurity threats within the financial sector.