IT & Data Privacy Auditor

Who we are

Moniepoint is an all-in-one financial services platform for emerging markets and the second-fastest growing company in Africa.
Since 2019, Moniepoint’s technology has powered over 3 million people, offering personal and business banking, payment, credit and business management tools to help them succeed.

Curious about what makes Moniepoint an incredible place to work? Check out posts on how we cultivate a culture of innovation, teamwork, and growth.

About the role

The Data Privacy Compliance Audit shall support Moniepoint and play a key role in evaluating and assessing our technology and infrastructure to ensure compliance with relevant regulations and standards, identify risks and provide recommendations for improvement. The Data Privacy Officer will support the team to ensure that Data privacy concerns are addressed as it relates to Client documentation and Security across the cloud infrastructure. The role would entail working with relevant internal stakeholders across the Finance, Operation, Product, Engineering, Risk Compliance, Legal and the Cloud Service Providers.

What you’ll get to do

• Work with Audit Lead to plan internal audits.
• Conduct audits to ensure compliance with internal controls, regulatory requirements, and best practices.
• Perform security audits of cloud infrastructure (AWS, Azure, GCP, SaaS platforms).
• Assess cloud security posture against industry standards and organizational policies.
• Review cloud configurations (identity, access controls, encryption, logging, monitoring).
• Ensure compliance with ISO 27001, PCI DSS, ISO 22301,ISO 20001, and other regulatory requirements.
• Identify risks associated with third-party cloud providers and perform vendor risk assessments.
• Review adherence to data residency, privacy, and contractual obligations.
• Evaluate implementation of security controls (network security, IAM, encryption, key management, backup recovery).
• Test incident response and business continuity plans for cloud-based services.
• Validate logging, monitoring, and SIEM integration for cloud environments.
• Attend meetings, interview staff to gather audit evidence, documents and information. Analyze data to identify financial reporting errors, fraud, and operational risks.
• Evaluate compliance with company policies, procedures and external regulations. Provide assurance on adequacy of security and controls to support business.
• Review internal control policies/procedures to ensure adequate coverage.
• Recommend appropriate mitigating controls for identified security/control risks and follow-up with responsible teams to treat the risks.
• Participate in IT Projects and product development with the aim of identifying risks and recommending appropriate controls.
• Follow-up responsible teams to implement the recommendations of internal auditors, external auditors, consultants, and security analysts.
• Review system deployments to ascertain that security and controls were incorporated, including validating the compliance of development teams to organization's software development policies procedures
• Review IT operations controls, staffing, training requirements, conditions of service and adequate segregation of duties.
• Deliver on other assignments delegated by the supervisor.
• Support the team on review of Change Management Process.
• Collaborate with development teams to identify and remediate security vulnerabilities.
• Support the team on review of software development lifecycle (SDLC).
• Perform other duties as assigned by the Head, IT Audit
• Render technical support to other teams in Internal Audit as required
• Participates in the other regular audits in the IT Audit Plan as assigned by the Head, IT Audit.

To succeed in this role, you should have experience in

• Strong knowledge of cloud platforms (GCP, AWS, Azure).
• Familiarity with security frameworks: ISO 27001, NIST CSF, CIS Controls, SOC 2.
• Hands-on understanding of:
  • IAM (Identity and Access Management)
  • Encryption Key Management (KMS, HSMs)
  • Cloud networking firewalls
  • SIEM logging tools
  • Container serverless security
• Experience with cloud security tools (Prisma Cloud, Wiz, Check Point Dome9, etc.).
• Excellent analytical, risk assessment, and report-writing skills.
• Strong communication and stakeholder engagement ability.
• Software Development Lifecycle.
• Basic knowledge of risk management procedures, internal audit processes and regulatory compliance requirements
• Excellent communication skills and turnaround time
• Self-driven and works with minimum supervision
• Minimum of a Bachelor’s degree in Computer Science/Engineering.
• Certifications in one or more of the following will be an added advantage -CCSP, GCP, CISA, ACA, CISSP, CISM, CRISC, MICROSOFT certifications, ORACLE, etc.
• Experience: Minimum of 5 years of progressive experience in the financial services industry or in a Consulting Firm.

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance, annual bonus, plus other benefits.

What to expect in the hiring process

• A preliminary phone call with the recruiter
• A technical interview with the Hiring Manager
• A behavioural and technical interview with a member of the Executive team.

Moniepoint is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates.