Audit Manager - IT (Vice President)

• As an Auditor In-charge, prepare a comprehensive audit plan and prepare and maintain risk assessment of each of the process streams within the cyber and information security functions to identify the assignment scope, audit approach and critical audit areas/ processes to focus on and surface key control risks.
• Manage and supervise performance of IT auditors/ Senior IT Auditors on jobs under charge to ensure effective and timely execution of assignments.
• Ensure adequate and effective coverage of all major processes in line with approved audit plan to identify and raise all important process/ control weaknesses together with suggestion for improvements in line with best practices.
• Discuss and agree with Unit Management the audit risk/ control gaps and opportunities for improvements and obtain management response for resolution/ implementation together with target dates.
• Draft audit reports containing critical risk/ control opportunities, including an objective risk assessment of various processes and overall unit, highlighting critical risk/ control concerns arising from audit.
• Develop action plans and review management action to ensure that items are not closed without appropriate resolution. Track open audit action plans and escalate overdue items to senior level, as appropriate, to ensure their resolution and closure.
• Provide coaching and on the job training to junior auditors to enhance their skills to carry out audits more objectively.
• As a Relationship Manager and Center of Excellence, develop a cordial and professional working relationship with managers and counterparts for the purpose of mutual understanding, easy communication and to obtain their “buy in” on audit findings and suggested opportunities for improvement.
• As an In-house Consultant, conduct reviews or participate in special assignments such as system development/ integration projects and identify risk/ control gaps, and recommend opportunities for improvement in line with best practices.

متطلبات الوظيفة

• Engineering Degree in Computer Science/ Information Technology/ Information Security.
• CISA certification is essential and any additional relevant certifications such as CISSP, CISM, CDPSE, CRISC & CSX.
• 10+ years of experience in Information Security & IT Audits, preferably in Big-4 firms or Banking Industry in Managerial position.
• Working knowledge of Information Security domains viz, cyber security, information risk management, third-party risk management, vulnerability management and information security governance.
• Exposure to programs involving data privacy regulations across multiple geographies viz, GPDR, PDPL, PDPO etc.
• Good understanding of cloud-based services, Microservices, API Technology and evaluating/ auditing cloud and digital domain.
• Good communication skills, both oral and written.