Senior Systems Auditor

Nairobi Hospital

Nairobifull time~KES 200k – 350k/mo5h ago

Quick Take

The Role

Lead independent IS audit engagements across Nairobi Hospital's clinical and administrative systems (HMIS, ERP, PACS, billing), manage the audit unit, and automate audit workflows using TeamMate while reporting cybersecurity and control risks to senior leadership.

You Need

Deep expertise in IT audit (IIA/ISACA standards), hands-on knowledge of healthcare IT systems and ERP controls, and proven supervisory experience managing audit teams.

You Get

Leadership role at Kenya's premier private hospital with competitive salary (KES 200–350k/mo), exposure to complex healthcare technology infrastructure, and direct influence on hospital-wide digital transformation.

Job Description

•Role Overview

Nairobi Hospital is seeking an experienced and analytically rigorous Senior Systems Auditor to lead technology and information systems audit engagements across its complex ICT environment. Reporting to the Internal Audit Manager, this role carries supervisory responsibility for the Information Systems Audit Unit and serves as the Hospital's principal technical authority on IS audit matters, including cybersecurity assurance, ERP controls, and digital infrastructure risk.

The successful candidate will provide independent, risk-based assurance over the Hospital's Kranium HMIS, Navision ERP, LIMS, PACS, billing platforms, and wider digital ecosystem. Operating within the TeamMate Audit and TeamMate Analytics platforms, you will drive end-to-end audit automation — from planning and fieldwork through to evidence management, reporting, and issue closure — while coaching junior auditors and collaborating directly with the ICT Director and project teams on major system implementations.

•Key Responsibilities

Plan, lead, and execute risk-based IS audit engagements covering Kranium HMIS, Navision ERP, LIMS, PACS, and billing platforms in accordance with IIA Standards and ISACA/COBIT frameworks.
Develop comprehensive IS audit programmes addressing IT General Controls (ITGC), application controls, access management, change management, cybersecurity controls, and data governance.
Assess the design and operating effectiveness of network security and application-level controls within both clinical and administrative systems.
Provide supervisory oversight over the Information Systems Audit Unit, including planning and assigning work, reviewing working papers and draft audit reports for technical adequacy, and coaching the Information Systems Auditor.
Configure and optimise TeamMate Audit and TeamMate Analytics workflows and automation rules to ensure the full audit lifecycle is managed on an end-to-end automated basis.
Handle complex IS audit assignments in direct conjunction with the Internal Audit Manager, including major system implementations, cybersecurity assurance reviews, penetration testing assurance, and data migration controls.
Collaborate with the ICT Director and project teams to embed controls at each milestone of Kranium HMIS and Navision ERP implementations and upgrades.
Review the integrity, reliability, and security of data generated by clinical and administrative systems, assessing controls over data capture, processing, storage, and reporting.
Evaluate disaster recovery (DR) testing outcomes and assess the adequacy of business continuity plans (BCPs) for IT-dependent hospital operations.
Test and identify network and system vulnerabilities and develop counteractive strategies to protect the Hospital's information assets.
Apply TeamMate Analytics alongside other Computer-Assisted Audit Techniques (CAATs) across pharmacy, laboratory, and administrative data sets to surface anomalies and control exceptions.
Prepare clear, evidence-based audit reports with actionable findings and recommendations for senior management and the Board Audit Committee.

•Required Skills & Experience

Demonstrate at least six (6) years of hands-on IS audit experience, with a minimum of two (2) years in a supervisory or team lead capacity within a complex, multi-system environment.
Execute IT General Controls (ITGC) reviews and application control assessments independently, applying COBIT, ISO 27001, or equivalent frameworks.
Operate and configure TeamMate Audit and/or TeamMate Analytics platforms to automate audit workflows, or demonstrate equivalent GRC/audit management platform proficiency.
Perform data analytics using CAATs tools (ACL/Galvanize, IDEA, or similar) to interrogate large transactional datasets and identify control exceptions.
Conduct or coordinate cybersecurity assurance reviews, vulnerability assessments, and penetration testing assurance engagements.
Assess ERP environments — particularly Microsoft Dynamics Navision — for segregation of duties, access controls, and configuration risks.
Communicate complex technical audit findings clearly in written reports and verbal presentations to non-technical senior management audiences.
Hold a Bachelor's degree in Computer Science, Information Systems, Information Technology, or a closely related field.
Hold or be actively pursuing CISA (Certified Information Systems Auditor) certification; CISSP, CRISC, or CIA is an added advantage.
Demonstrate working knowledge of healthcare information systems (HMIS, LIMS, PACS) and the regulatory and data governance context applicable to a hospital setting.

•Salary & Benefits

Nairobi Hospital offers a competitive remuneration package commensurate with qualifications and experience. Based on Kenyan market benchmarks for senior IS audit professionals in the healthcare sector, the estimated monthly gross salary range is KES 200,000 – 350,000. The Hospital's total rewards package typically includes medical cover, a structured performance management framework, and opportunities for professional development and certification support.

•Who Should Apply

Ideal candidate: A seasoned IS auditor with deep ITGC and application controls experience, hands-on ERP audit exposure (preferably Navision), and a track record of supervising junior auditors and delivering high-quality audit reports. You are CISA-certified (or near completion), comfortable with data analytics tools, and capable of influencing ICT leadership on control matters. Experience within a hospital, healthcare institution, or similarly regulated environment is a strong differentiator.

Do not apply if: You have fewer than five years of IS audit experience, hold no relevant professional certifications, have never led or supervised an audit team, or are applying from a purely IT operations or IT support background without audit assurance experience.

•How to Apply

Prepare an updated CV and a cover letter addressing your IS audit experience, supervisory background, and CISA/relevant certification status.
Quote the reference number TNH/HHR/SSA/06/2026 in your application subject line or cover letter.
Submit your application through Nairobi Hospital's official careers portal or via the email address specified in the Hospital's official recruitment communication.
Only shortlisted candidates will be contacted. Nairobi Hospital is an equal opportunity employer.

Requirements Breakdown

Must Have

Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA) certification
Minimum 7–10 years of IT/IS audit experience, including 2+ years in a supervisory or senior role
Hands-on experience auditing ERP systems (preferably Navision/Dynamics), HMIS, and healthcare IT environments
Proficiency with TeamMate Audit and audit analytics platforms (or equivalent CAAT tools)
Strong knowledge of IT General Controls (ITGC), cybersecurity frameworks (NIST, ISO 27001), and IIA/ISACA/COBIT standards

Nice to Have

Certified Information Security Manager (CISM) or similar cybersecurity certification
Previous experience in healthcare, hospital, or regulated industry audit
Familiarity with penetration testing concepts and business continuity/disaster recovery assurance
Experience with data analytics or SQL for Computer-Assisted Audit Techniques (CAATs)

Don't meet every requirement? Tailor your CV to close the gap →

Salary Context

Competitive mid-to-senior level salary for IS audit in Kenya; reflects expertise and supervisory scope

KES 200–350k/mo is above median for systems auditors in Nairobi but typical for senior roles at large private institutions. Variation within range depends on years of experience, certifications (CIA/CISA), and prior healthcare audit exposure. Private hospital salaries are generally higher than public sector or smaller firms.

About Nairobi Hospital

Nairobi Hospital is one of East Africa's leading private healthcare providers, known for advanced clinical and diagnostic capabilities and significant investment in health IT infrastructure. As a major referral centre serving Kenya and the wider region, the Hospital operates complex integrated systems spanning electronic health records, laboratory information systems, and billing platforms, making it a centre of excellence for healthcare technology governance. Working at Nairobi Hospital offers exposure to sophisticated healthcare IT environments and the opportunity to shape information risk and compliance strategy at a trusted national institution.

Likely Interview Questions

1
Walk us through a complex IT audit you led on an ERP or HMIS system. What control gaps did you identify, and how did you prioritise remediation with management?
2
Tell us about your experience using audit automation platforms (TeamMate, ACL, or similar). How have you configured workflows to reduce manual effort and improve audit cycle times?
3
Nairobi Hospital is implementing a new Kranium HMIS. How would you embed audit and control considerations into that project from the planning phase through go-live?
4
Describe your approach to supervisory oversight: how do you review junior auditors' work, coach them on IS audit methodology, and ensure technical quality of audit reports?
5
What experience do you have auditing cybersecurity controls or conducting penetration testing assurance? How do you assess the adequacy of a hospital's security posture?

Application Tips

Prominently feature your CIA or CISA certification and years of hands-on IS audit experience; Nairobi Hospital clearly values formal audit credentials and depth.
Highlight any prior healthcare, hospital, or regulated industry audit work — it's a niche skill that will differentiate you and reduce onboarding risk for the employer.
Demonstrate concrete examples of audit automation and workflow optimisation you've implemented (TeamMate, ACL, Alteryx, Python, SQL); this role depends heavily on efficiency and modern CAATs.
Emphasise supervisory or coaching experience: the role includes managing the Information Systems Audit Unit, so show evidence of mentoring junior auditors and improving team technical capability.
If you have experience with Navision, Dynamics, or other ERP systems, or with healthcare-specific compliance (HIPAA, data protection), call that out explicitly — it's a major plus for this role.

Career Path

Roles that lead here

IT Auditor or IS Auditor (mid-level, 5–7 years of hands-on audit experience)

Systems Analyst or IT Control Specialist in a Finance, Audit, or Compliance team

Internal Audit Senior or Audit Manager (non-IS background transitioning into technology audit)

YOU

Where this leads

Head of Internal Audit or Chief Audit Executive (CAE) — stepping up to oversee the entire internal audit function

IT Risk Manager or Chief Information Security Officer (CISO) — leveraging audit expertise to lead enterprise IT risk and security

Consultant in IT audit and governance — advising healthcare providers and other regulated industries on audit, compliance, and controls

Skills & Keywords

information systems auditorIS audit kenyaIT audit nairobiCISA jobs kenyacybersecurity auditERP audit navisioncomputer science jobs kenyahealthcare IT audit

Honest Assessment

Green Flags

Clear supervisory and technical leadership scope: this is a genuine senior role with team oversight, not a senior-in-title individual contributor position.
Explicit mention of major system implementations and direct collaboration with the ICT Director — you'll have visibility and influence on hospital-wide digital strategy, not just audit reports.
Strong emphasis on audit automation and modern tools (TeamMate, CAATs) — indicates the employer is invested in efficiency and professional development for audit teams.
Competitive salary range (KES 200–350k/mo) and prestigious employer (Nairobi Hospital) — solid financial reward and brand recognition in Kenya's healthcare and audit sectors.

Watch Out

The description is truncated at the end ('Prepare clear, evidence-b...'), leaving the full scope of reporting and deliverable expectations unclear.
No mention of benefits, leave policy, professional development budget, or career progression — typical for comprehensive postings, but worth clarifying with HR before applying.

A Day in the Life

☀️

Your week begins with a risk-planning session for the upcoming Kranium HMIS audit, where you align scope with the ICT Director and set up automated data extraction rules in TeamMate Analytics. Tuesday morning you're reviewing working papers from your IS Auditor on access controls testing, coaching them on deficiency write-ups and evidence sufficiency. Wednesday you spend in the ICT team reviewing network security architecture and designing testing for change management controls; by afternoon you're running SQL queries in TeamMate to identify unusual transactions in the Navision ERP billing module. Thursday involves a meeting with the Internal Audit Manager to escalate a cybersecurity finding and draft the executive summary for the PACS audit; Friday you're configuring workflow automation in TeamMate to reduce manual report generation and prepping for the next audit committee update. Throughout, you're balancing complex technical analysis with mentoring, stakeholder engagement, and documentation — all within a high-stakes healthcare environment where audit findings directly support patient safety and regulatory compliance.

Frequently Asked Questions

What qualifications do I need to be a Senior Systems Auditor at Nairobi Hospital?

You will need a CIA or CISA certification, 7–10 years of IS audit experience (including 2+ years in a senior or supervisory role), and hands-on expertise auditing ERP systems, HMIS, and healthcare IT controls. Additional certifications like CISM or experience in healthcare audit are highly valued.

Is the Senior Systems Auditor role at Nairobi Hospital remote or on-site?

The posting does not specify remote work arrangements. As a role involving on-site system assessments, collaboration with ICT teams, and fieldwork auditing clinical systems, it is likely primarily office-based in Nairobi; clarify flexibility with HR during the interview process.

How much does a Senior Systems Auditor earn at Nairobi Hospital?

The posted salary range is KES 200,000–350,000 per month, depending on experience, certifications, and background. This is competitive for senior IT audit roles at major private institutions in Kenya and reflects the technical expertise and supervisory responsibility required.

What are the career growth opportunities for this role?

This role is a clear stepping stone to Head of Internal Audit or Chief Audit Executive positions, or to IT risk and security leadership roles (CISO). You'll also gain deep exposure to healthcare technology strategy and major system implementations, valuable for consulting or advisory careers.

Free Match Score