IT Audit Manager

Job description

Job summary:

Leads IT audit engagements to assess IT governance, cybersecurity controls, and technology risks.

Plans IT audits, supervises testing of controls, and reports findings and remediation tracking.

Responsibilities:

• Lead and supervise IT audit engagements, ensuring alignment with the annual audit plan and risk priorities.

• Approve IT audit scopes, programs, and timelines; allocate resources and manage delivery risks.

• Review workpapers and evidence to ensure quality and appropriate coverage of IT risks and controls.

• Prepare and present IT audit reports and key themes to Internal Audit leadership and stakeholders.

• Drive continuous improvement through use of audit tools, data analytics, and standardized testing approaches.

• Test IT general controls (e.g., access management, change management, IT operations) and relevant application controls as applicable.

• Document workpapers, evidence, and testing results in line with Internal Audit methodology.

• Draft audit observations, risk ratings, and recommendations for control improvements.

• Coordinate with IT stakeholders to validate findings and agree on remediation actions and timelines.

• Support follow-up to track IT remediation actions and validate closure.

• Maintain confidentiality and independence while working with stakeholders.

Competencies:

Core Competencies:

• Accountability

• Communication

• Innovation

• Teamwork

Leadership Competencies:

• Adaptability

• Courageous

• Inspiring

• Results-Driven

Technical Competencies:

• Audit Implementation

• Use of Audit Tools and Methods

• Risk Management and Assessment

• Aligning Practices with Laws

Role Qualifications:

Educational Background:

Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field.

Experience:

Minimum 6+ years of relevant experience in internal audit, risk, compliance, or related assurance roles. Professional certification (e.g., CIA / CPA / CISA) is preferred.

Technical Skills:

Understanding of IT controls, IT governance, and cybersecurity fundamentals; Experience with IT general controls (access, change, operations) and evidence-based testing; Ability to analyze logs/reports and support audit analytics where applicable; Proficiency in Microsoft Office; familiarity with audit tools is an advantage.

Soft Skills:

Strong analytical and problem-solving skills; Clear written and verbal communication; Stakeholder management and collaboration; High attention to detail, integrity, and confidentiality.