Senior Systems Auditor

Company Details
Industry: Hospital & Health Care
Description: Opened in 1954, The Nairobi Hospital has excelled in medical expertise and services provision and has deservedly earned recognition throughout East Africa and beyond as an advanced diagnostic, treatment and referral centre. Expansive investment in latest technology and medical equipment has enabled … Opened in 1954, The Nairobi Hospital has excelled in medical expertise and services provision and has deservedly earned recognition throughout East Africa and beyond as an advanced diagnostic, treatment and referral centre. Expansive investment in latest technology and medical equipment has enabled us establish leadership in medical procedures both in Kenya and outside. View more View less
Job Details
Job Type: Full Time
Workplace Type: On-site
Qualification: Diploma
Job Experience: Mandatory
Job Location: Nairobi County, Kenya
Closing Date: Undisclosed
Salary: KES Unspecified / month
Other Pay: Benefits
Job Category: Audit
Job Description

REF: TNH/HHR/ SSA /06/2026

The overall purpose of this role is to plan, lead, and execute technology and information systems audits across the Hospital’s ICT environment, to exercise supervisory oversight over the Information Systems Audit Unit, and to handle technically complex IS audit assignments in direct conjunction with the Internal Audit Manager. The role provides independent, risk-based assurance over the Hospital’s Kranium HMIS, Navision ERP, and wider digital infrastructure, in line with the approved Annual Audit Work Plan, and provides functional leadership to other internal auditors through the TeamMate Audit and TeamMate Analytics platforms, ensuring that audit planning, fieldwork, data analytics, evidence management, and reporting are executed on a fully automated, end-to-end basis.

Key Responsibilities

  • Lead and execute risk-based IS audit engagements across the Hospital’s Kranium HMIS, Navision ERP, LIMS, PACS, billing platforms, and digital infrastructure, in accordance with IIA Standards and ISACA/COBIT frameworks.
  • Develop IS audit programmes covering IT General Controls (ITGC), application controls, access management, change management, cybersecurity controls, and data governance.
  • Assess the design and operating effectiveness of these controls, including network security and application-level controls, within clinical and administrative systems.
  • Provide supervisory oversight over the Information Systems Audit Unit by planning and assigning IS audit work, reviewing working papers and draft audit reports for technical adequacy, and coaching the Information Systems Auditor.
  • Lead other internal auditors in the use of the TeamMate Audit and TeamMate Analytics platforms, configuring platform workflows and automation rules so that the audit lifecycle is fully automated end-to-end, from planning through to issue tracking and closure.
  • Handle complex and technically demanding IS audit assignments in direct conjunction with the Internal Audit Manager, including major system implementations, cybersecurity assurance reviews, penetration testing assurance, and data migration controls.
  • Work with the ICT Director and project teams to provide assurance on Kranium HMIS and Navision ERP implementations and upgrades, ensuring controls are embedded at each project milestone.
  • Review the integrity, reliability, and security of data generated by Kranium HMIS and Navision ERP, and assess the adequacy of controls over data capture, processing, storage, and reporting.
  • Evaluate disaster recovery (DR) testing outcomes and business continuity plan (BCP) adequacy for IT-dependent Hospital operations.
  • Test and identify network and system vulnerabilities, and develop counteractive strategies to protect the Hospital’s information systems and data assets.
  • Apply the TeamMate Analytics platform, alongside other Computer-Assisted Audit Techniques (CAATs), across Kranium HMIS, Navision ERP, pharmacy, and laboratory transaction data.
  • Review ICT policies, procedures, and work instructions for adequacy and alignment to best practice and regulatory requirements.
  • Provide assurance on data privacy and protection in line with the Kenya Data Protection Act, 2019 and the Data Protection (General) Regulations, 2021.
  • Prepare IS audit reports with risk-rated findings, root cause analysis, and actionable recommendations, and present draft reports to the Internal Audit Manager for review and finalisation.
  • Monitor implementation of agreed management actions, escalating overdue or insufficient responses to the Internal Audit Manager.
  • Keep abreast of technology developments, emerging cybersecurity threats, and IS audit standards to provide advisory input on ICT risks to the Hospital.
  • Advise on ICT-related training needs and capacity building within the Information Systems Audit Unit.
  • Represent the Internal Audit Department in technology governance committees or working groups.
  • Carry out any other responsibilities assigned by the Internal Audit Manager from time to time.

Qualifications

The ideal candidate should possess:

  • Bachelor’s Degree in Computer Science, Information Technology, Information Systems, Software Engineering, or Cybersecurity from a recognised institution.
  • Certified Information Systems Auditor (CISA) issued by ISACA mandatory at the time of appointment.
  • Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC) issued by ISACA – added advantage.
  • CISSP (Certified Information Systems Security Professional) issued by ISC2, Certified Ethical Hacker (CEH), or an equivalent professional cybersecurity certification – added advantage.
  • Certified Internal Auditor (CIA) issued by the Institute of Internal Auditors – added advantage.
  • Certified Public Accountant CPA (K) or ACCA – added advantage.
  • Active member of ISACA.
  • Minimum of 6 years’ IS audit experience including hands-on work with ITGC, application controls, cybersecurity audit, and COBIT 2019.
  • Working knowledge of Kranium HMIS, Navision ERP, LIMS, and PACS in a hospital or regulated environment.
  • Working knowledge of the TeamMate Audit and TeamMate Analytics platforms (or equivalent audit management and data analytics tools), with the ability to lead and train other auditors in their use.
  • Familiarity with ISO/IEC 27001, IIA Standards, and the Kenya Data Protection Act, 2019.

If your background, experience and competence match the above specifications, please send us your application (cover letter & CV/Resume) quoting the job reference number, testimonials and full contact details of 3 referees, to reach the undersigned not later than 30th June, 2026. We shall ONLY accept ONLINE applications.

The Nairobi Hospital does NOT charge recruitment fees.
Head of Human Resources
The Nairobi Hospital
P. O. Box 30026 – 00100
NAIROBI

Email: [email protected]

23 open positions on Semasocial right now · 6784 open positions in Nairobi County, Kenya
Contact Information
Sign in to apply for this job.
CV Job Description Matcher See how well your CV matches this job and get tips to improve your chances AI Tool

This tool helps you see how closely your CV matches a job description. It also gives you simple suggestions on what to improve so you have a better chance of getting shortlisted.

Similar Jobs

View Job Jul 8, 2026
Fargo Courier Nairobi County, Kenya
View Job Jul 01, 2026
Absa Bank Limited Nairobi County, Kenya
View Job Jul 01, 2026
UAE Jobs Abu Dhabi Emirate, United Arab Emirates
View Job Jul 01, 2026
Beware of Fraudsters!
Never pay anyone for job applications, interview tests, or job interviews. A genuine employer will never ask you for payment under any circumstances.
Disclaimer & TOS: We do not guarantee the authenticity of every single job posting and are not responsible for any fraudulent activity or misrepresentation by third parties. We are not involved in any stage of the interview or recruitment process and do not charge any fees from job seekers. For further details, please read the rest of the Terms of Service.