Search by job, company or skills

Al Rajhi Bank

Executive Audit Manager Information Technology

Save
  • Posted 22 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

JOB PURPOSE:

  • Lead the activities of evaluating the bank Technology/Cyber Security processes and assets and provide objective assurance on the effectiveness and efficiency of operations, controls, governance, risk management and report accordingly to the IT Audit Director.
  • Lead under the guidance of IT audit director the audit plan development, management and execution, strategic initiatives, in relation to internal audit operations covering ARB IT, Cyber Security and business managed platform technology teams, inclusive of ARB subsidiaries locally and internationally (e.g. Kuwait, Jordan, Malaysia, Emkan, Ejada, NewLeap, Tawtheeq, etc.), also, managed affiliates.
  • Provide support when requested by IT Audit Director and CIA in responding to external auditors and KSA regulators (e.g. SAMA, NCA). This includes the coordination of continuous monitoring of IA responses to regulators and the verification of regulatory issues.

KEY ACCOUNTABILITIES & DETAILED TASKS:

Department Strategy Formulation:

As a senior member of the Internal Audit department team, contributes to the formulation and implementation of the IT Audit strategy and plans as befitting the department and business line needs and objectives

Departmental Direction:

  • Performs, individually or as part of a team, IT audits in accordance with ARB Audit framework and the Standards for the Professional Practice of Internal Audit as set forth by the IIA, and department standards.
  • Conduct audits or lead audit teams in performance of IT/Cyber Security audits and reviews of systems, applications and IT processes.
  • Prepare and report results to executives and Audit Committees. These include:

  • Perform Cyber Security Reviews and assessment and provide required assurance to the bank. This includes maturity assessment on Cyber Security processes and controls.
  • IT audits (e.g. network, operating system and data center), including evaluating if Cyber Security Risks are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and Senior Management.
  • Evaluate Technology control environment and provide feedback in terms of effectiveness and risk mitigation.
  • Perform various other reviews of IT/Cyber Security management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.

  • Make recommendations on control deficiencies and follow up to ensure significant deficiencies are corrected. Assist IT/Cyber Security management to develop appropriate action plans to address identified deficiencies, and ensure corrective actions are implemented in a timely manner to effectively address the issues.
  • Prepares detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program.
  • Prepares under minimal supervision audit reports designed to provide operating and corporate management and the Audit Committee of the Board of Directors with an objective assessment of systems, processes and operations, and management's planned corrective actions.

Annual Audit and Risk Assessment:

  • Lead annual Audit Planning activities for IT and Cyber Security, as well as with other audit groups as required, ensuring that audit plans provide required assurance.
  • Use knowledge of the current IT environment and industry IT trends to identify potential issues and risks.
  • Lead the development and execution of a comprehensive audit plan based upon risk assessment, management's goals and objectives, and the requirements of the Board Audit Committee. Identifies potential audit areas, assists with assessing the degree of inherent risk, and estimating the time and skills required to complete audit projects
  • Monitor progress of Audit Plan assignments and special assignments

and ensure timely implementation and execution of the approved audit plan.

Quality Assurance:

  • Ensure the adherence to quality assurance requirements during IT audit process lifecycle and participate in implementing recommendations for any quality assurance concerns.

Relationships:

  • Develops and maintains productive staff and management relationships through individual contacts and group meetings

People Management:

  • Participate and ensures the effective achievement of functional objectives through leadership of the IT Audit, assist IT Audit Head in setting departmental and individual objectives, managing performance, developing and motivating staff, provision of formal and informal feedback, and appraisal in order to maximize subordinate and departmental performance

Minimum Qualifications:

  • Bachelor's degree in information systems.

Professional accreditation is preferred such as:

  • CISA (Certified Information System Auditor)
  • CISM (Certified Information Security Manager)
  • CGEIT (Certified in the Governance of Enterprise IT)
  • CRISC (Certified in Risk and Information Systems Control)
  • CIA (Certified Internal Auditor)

Job-Specific Skills:

  • In depth knowledge of financial services banking technology and related risks (e.g. cloud technologies, IT operations, data center services, storage & databases, server virtualization, cybersecurity operations, data privacy, data protection, cryptography, data loss prevention).

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 150969255