Background

Q-Sourcing Servtec Group (QSSG) is looking for a competent and innovative Group Internal Auditor – Quality, Risk & Compliance to join our team.

Job Purpose

The Group Internal Auditor – Quality, Risk & Compliance provides independent assurance on the adequacy and effectiveness of internal controls, risk management, and compliance processes across all Q-Sourcing Servtec entities. The role reports administratively to the CEO for resources and logistics, and functionally to the relevant Board Committee. Working with Group and Country leadership, the position strengthens governance frameworks, drives risk-based audit planning, ensures compliance with policies and regulations, and promotes a culture of accountability, safety, and continuous improvement.

Key Responsibilities

Independence

Ensure audit independence, avoiding direct ownership of operational activities such as training delivery or policy implementation that could impair objectivity.

Audit Planning & Risk Management

• Develop an Internal Audit Charter, policies and procedures
• Develop and implement a risk based internal audit plan approved by the relevant Board committee aligned with strategic priorities and key business risks, including areas of contract management, compliance, and EHS performance.
• Develop and maintain a Group Risk management framework and Corporate risk register updated quarterly.
• Evaluate the effectiveness of risk management processes and internal controls across all business units.

Compliance & Quality Assurance

• Monitor contract risk management, statutory, regulatory compliance, and policy adherence across all subsidiaries.
• Collaborate with management to ensure alignment with ISO, labor, tax, data protection, and safety standards.
• Promote process standardization, quality assurance, and operational efficiency across subsidiaries.
• Develop a compliance dashboard to report to management and the Board

EHS & Safety Culture

• Conduct periodic audits of EHS frameworks to ensure alignment with company and regulatory standards.
• Evaluate incident management processes and track implementation of corrective actions.
• Promote a culture of health, safety, and environmental accountability through audit recommendations and follow-up.

Fraud Risk & Whistleblowing

• Oversee fraud detection, anti-bribery/anti-corruption initiatives, and the whistleblowing mechanism.
• Ensure investigations are documented, reported, and escalated appropriately.

Technology & Data Analytics

• Utilize audit management and analytics tools to enhance audit coverage and identify anomalies.
• Support automation and data driven insights for proactive risk management.

Reporting & Governance

• Provide advisory input on governance structures, internal control enhancements, and ethical business conduct.
• Prepare quarterly internal Audit reports to the relevant board committee and Group CEO
• Support management in preparing for external audits, certifications, and due diligence

Behavioral Attributes

• Integrity/Professional Ethics
• Discretion/Emotional Intelligence
• Accountability
• Objectivity/Sound judgement
• Assertiveness

Key Performance Indicators (KPIs)

• 100% of audit findings closed within 6 months.
• 100% of high-risk areas (including compliance and EHS) covered in the annual audit plan.
• No repeat findings year-on-year through monitoring management implementation
• Demonstrated improvement in control maturity and reduction in regulatory or safety incidents.
• 80% Board satisfaction rating on quality and independence of audit reports.

Mandatory Qualifications & Experience

• 8–10 years’ experience in internal audit, risk, and compliance (East Africa / multi country exposure).
• Professional certifications (CPA, CISA, CIA, or equivalent).
• Proven knowledge of risk-based auditing, ERM, and compliance frameworks.
• Knowledge of ISO 9001 standards will be an added advantage.
• Demonstrated experience advising leadership on governance and risk.
• Experience with audit management software and data analytics tools.
• Excellent stakeholder engagement, com

• Ensure audit independence, avoiding direct ownership of operational activities such as training delivery or policy implementation that could impair objectivity.
• Develop an Internal Audit Charter, policies and procedures
• Develop and implement a risk based internal audit plan approved by the relevant Board committee aligned with strategic priorities and key business risks, including areas of contract management, compliance, and EHS performance.
• Develop and maintain a Group Risk management framework and Corporate risk register updated quarterly.
• Evaluate the effectiveness of risk management processes and internal controls across all business units.
• Monitor contract risk management, statutory, regulatory compliance, and policy adherence across all subsidiaries.
• Collaborate with management to ensure alignment with ISO, labor, tax, data protection, and safety standards.
• Promote process standardization, quality assurance, and operational efficiency across subsidiaries.
• Develop a compliance dashboard to report to management and the Board
• Conduct periodic audits of EHS frameworks to ensure alignment with company and regulatory standards.
• Evaluate incident management processes and track implementation of corrective actions.
• Promote a culture of health, safety, and environmental accountability through audit recommendations and follow-up.
• Oversee fraud detection, anti-bribery/anti-corruption initiatives, and the whistleblowing mechanism.
• Ensure investigations are documented, reported, and escalated appropriately.
• Utilize audit management and analytics tools to enhance audit coverage and identify anomalies.
• Support automation and data driven insights for proactive risk management.
• Provide advisory input on governance structures, internal control enhancements, and ethical business conduct.
• Prepare quarterly internal Audit reports to the relevant board committee and Group CEO
• Support management in preparing for external audits, certifications, and due diligence

• Risk-based auditing
• ERM
• Compliance frameworks
• ISO 9001 standards
• Advising leadership on governance and risk
• Audit management software
• Data analytics tools
• Stakeholder engagement

• 8–10 years’ experience in internal audit, risk, and compliance (East Africa / multi country exposure).
• Professional certifications (CPA, CISA, CIA, or equivalent).
• Proven knowledge of risk-based auditing, ERM, and compliance frameworks.
• Knowledge of ISO 9001 standards will be an added advantage.
• Demonstrated experience advising leadership on governance and risk.
• Experience with audit management software and data analytics tools.
• Excellent stakeholder engagement, com