Job Overview:
The Senior Information Technology (IT) Auditor is responsible for leading and executing risk-based Technology audits to assess effectiveness of the organization's IT, information security (including cybersecurity), data and artificial intelligence governance processes and controls. In addition, the Senior IT Auditor will be conducting audits and special assignments including transformation projects, system implementation reviews, technology related risk management reviews, general and application controls and recommending impactful valuable improvements.
Roles and Responsibilities:
- Assist the Internal Audit Department in developing the annual IT Audit Plan by analyzing technology trends, emerging IT risks and Group strategic initiatives.
- Develop IT audit programs, risk and control matrices, and test procedures for leveraging frameworks such as COBIT, NIST CSF, ISO 27001, and ITIL.
- Lead and execute audit scoping and risk assessment for ITGC, application, cybersecurity, and IT project audits in line with the annual riskbased audit plan and Group risk appetite
- Lead and perform IT audits covering areas including access management, change management, IT operations, backup & recovery, SDLC, job scheduling, batch processing, enduser computing, application controls for ERP environments and business systems, configuration controls.
- Test interfaces, data migration, automated controls, and reports in the context of system implementations, upgrades, and integrations.
- Evaluate cloud security, configuration, and resilience for IaaS/PaaS/SaaS environments (Azure, AWS, Google Cloud), including thirdparty and vendorhosted solutions.
- Support or lead integrated audits with operational/financial auditors to ensure technology risks are adequately covered.
- Ensure highquality, wellstructured working papers, observations and reports that document risk assessment, procedures performed, evidence obtained, and conclusions.
- Monitor and validate remediation of IT audit findings and agreed management action plans, including retesting of key controls.
- Contribute to data analytics and continuous auditing initiatives, including the designing of scripts.
- Coach and guide junior auditors on IT audit methodology, tools, and technical topics
Education Qualification and Experience:
- Minimum bachelor's degree in IT, Computer Science, Information Systems, Accounting, or related fields.
- Professional certification e.g. CISA, CRISC, CISM, CISSP
- 1215 years strong expertise in IT auditing, IT risk management, cybersecurity and IT governance preferably with Big 4 and Middle East MNCs.
- Hands-on experience with SAP S/4HANA, databases, operating systems, and cloud platforms.
- Familiarity with COBIT, NIST CSF, ISO 27001, ITIL.
Skills and Competencies:
- Knowledge of networks, OS, databases, cloud services, and enterprise architecture.
- Proficient in audit/analytics tools (ACL/Galvanize, IDEA, SQL, Power BI, Excel);
- Excellent communication, report-writing, presentation, and stakeholder management with senior leaders
