We are hiring an IT Audit Manager responsible for leading end-to-end IT audits across large, complex enterprise and industrial environments. Role covers IT governance, cybersecurity, SAP and corporate applications, infrastructure, and Industrial IT/SCADA systems. Acts as a trusted advisor to senior management, delivering risk-based audits, regulatory compliance, and actionable control improvements across multiple sites.
Responsibilities:
- Planning and Designing Audits: Develop comprehensive audit plans that outline the scope, objectives, and methodologies for evaluating the effectiveness, efficiency, and security of IT systems and processes.
- Risk Assessment: Conduct risk assessments to identify vulnerabilities in the IT infrastructure, including cybersecurity threats, data integrity issues, and system availability risks. Based on these assessments, prioritize areas for auditing.
- Performing Audits: Execute audits according to the planned scope, including reviewing and testing IT controls, systems, and processes to assess their effectiveness. This often involves evaluating IT governance practices, security policies, access controls, disaster recovery planning, and operational procedures.
- Reporting Findings: Document audit results, including identified weaknesses or non-compliance issues. Provide clear, actionable recommendations for addressing these issues.
- Follow-up and Verification: Follow up on audit findings to ensure that corrective actions have been implemented effectively. Verify that recommendations are carried out and that the desired outcomes are achieved.
- Advisory Role: Act as an advisor to management on IT risk management, control, and governance processes. Offer guidance on enhancing IT frameworks, policies, and procedures.
- Regulatory Compliance: Evaluate the organization's compliance with relevant industry standards and regulatory requirements related to IT, such as GDPR, ISO27001, ISR, SOX, HIPAA.
- Collaboration and Communication: Work closely with IT teams, external auditors, and other stakeholders. Effectively communicating audit findings, risks, and recommendations to both technical and non-technical audiences
- Produce high-quality audit reports with clear, actionable recommendations
- Lead closing meetings and secure management buy-in on remediation actions
- Track and follow up on audit findings and corrective actions
- Act as a trusted advisor to management on IT risk, governance, and control frameworks
- Manage and oversee co-sourced / outsourced audits where required
- Support ad-hoc reviews and fraud investigations when requested
The above is to be carried out across all sites/subsidiaries in the following IT functions:
- Industrial IT Systems (including SCADA systems)
- SAP and other Corporate & Mobile Applications.
- IT Governance.
- IT Infrastructure (network, telecom, Data Centres etc.)
- Information Security (including cyber security).
- GRC Access and Process Control systems.
- Industry 4.0
Requirements:
Experience
Minimum 8+ years total experience with at least 4 years managing or leading IT audits
Strong background in Internal Audit within large or complex organisations
Exposure to industrial, manufacturing, or mining environments is a strong advantage
Technical & Professional Skills
Strong understanding of:
IT infrastructure & operations
SAP ERP and enterprise applications
Cybersecurity principles and controls
Hands-on knowledge of frameworks and standards:
COBIT, ISACA ITAF
ISO 27001, GDPR, SOX, ISR, HIPAA
Strong audit planning, risk assessment, and reporting capability
Confident communicator able to engage senior and non-technical stakeholders
Qualifications
Degree in Computer Science, IT, or related field
Professional certifications highly preferred:
