IT & OT Audit Manager

About the Role

ACWA Power is seeking an experienced IT & OT Audit Manager to lead and execute highly technical IT, OT, and cybersecurity audits across the group. This role will play a critical part in evaluating and strengthening governance, risk management, and control frameworks across industrial control systems, operational technology environments, and enterprise IT systems.

You will work closely with senior stakeholders, audit committee members, and cross-functional teams to deliver complex audits in a rapidly evolving technology landscape, particularly within energy, utilities, and critical infrastructure environments.

Key Responsibilities

• Plan and execute IT and OT internal audits, cybersecurity reviews, and advisory engagements from initiation through reporting.
• Perform audits across ICS, SCADA, OT networks, and IT/OT converged environments.
• Develop detailed Audit Programs and Risk & Control Matrices (RCMs) aligned with group-wide risks.
• Identify high-risk areas, control gaps, root causes, and business impacts within IT/OT environments.
• Apply data analytics, IS audit techniques, and sampling methodologies during audit execution.
• Prepare high-quality audit reports, including professional conclusions and practical improvement recommendations.
• Track and validate management corrective actions through follow-up audits.
• Contribute to periodic reporting to Senior Management and Audit Committee.
• Provide insights on emerging technology risks, cybersecurity threats, and OT security trends.
• Support integrated audits and collaborate with business and group audit teams.

Required Qualifications & Experience

• Bachelor's degree in Computer Science, Information Technology, Engineering, or related discipline.
• 710 years of experience in IT Internal Audit, with at least 3+ years in OT / ICS environments.
• Hands-on experience conducting cybersecurity assessments for IT/OT environments.
• Strong knowledge of ICS, SCADA, OT network architecture, and IT/OT convergence.
• In-depth understanding of OT/ICS standards such as IEC 62443, NIST 800-82.
• Knowledge of regulatory frameworks such as NCA (ECC, OTCC, CCC), NESA, ISR.
• Familiarity with OEM systems (e.g., Honeywell, Yokogawa, Siemens) is a strong advantage.
• Solid understanding of COBIT, ITIL, ISO 27001, NIST, ITAF.

Preferred Certifications

• CISA (mandatory or highly preferred)
• OT / ICS-related certifications (e.g., GICSP, IEC 62443)
• CISSP, CISM, GIAC certifications
• Networking or Cloud certifications are a plus

Why Join ACWA Power

• Work on large-scale, mission-critical energy and infrastructure projects
• Exposure to advanced OT environments and emerging technologies
• High visibility role with senior leadership and audit committee
• Strong career growth and learning opportunities