Job Description
Carry out review of organizational activities assigned following departmental standards, as well as the Standards for the Professional Practice of Internal Audit internal control processes Produce and review reports and audit work papers, ensuring effective documentation of results of reviews on assigned activities that have been made, as well as the recommended action that management should take, for easy follow up Identify potential IT risks and related issues by applying knowledge of Information Technology industry trends and present IT environment. Take part in major IT initiatives and projects as well as in reviews of security systems and internal controls under development Possess advanced knowledge of network and application vulnerability assessment, IT practices, risk assessment practices, change control, data privacy, and business continuity Broad audit experience across various areas of IT, including databases, operating systems, and applications Strong ability to give attention to detail in addition to organization and project management skills Possess sound judgment, business risk awareness, and inquisitive personality; ability to think critically and critic event and outcome professionally Strong ability to research and gather information from both business and IT functions Strong analytical and problem-solving skills to resolve issues promptly as they occur Strong ability to work collaboratively and cooperatively with all employees irrespective of their status in the organization Exceptional ability to work on and manage multiple projects and responsibilities effectively Exceptional interpersonal skills to get other people to put in additional efforts at achieving departmental goals, as well as to build consensus across diverse teams Requirements A Bachelor's degree in Information Technology, Computer Science, Business Administration, or a related field. Relevant certifications (e.g., ITIL, TMMI, etc.) are highly beneficial. Minimum of 5-7 years of experience in IT audit, risk management, or compliance roles. In-depth understanding of IT governance frameworks such as ITIL, or ISO 27001. Knowledge of relevant industry standards and regulations. Strong knowledge of risk management practices, including risk assessment, mitigation strategies, and control frameworks. Experience in managing IT governance projects and collaborating with cross-functional teams. Strong ability to analyze governance and compliance data to identify trends, risks, and opportunities for improvement. Exceptional written and verbal communication skills, with the ability to convey complex concepts clearly to stakeholders at all levels. Experience working with IT auditing and IT teams. Familiarity with business continuity planning and disaster recovery processes. Expertise in cloud governance and cloud security frameworks. Knowledge of business intelligence and reporting tools to track IT governance metrics. knowledge in applying ISO/IEC 27001, ISO/IEC 20000, ISO/IEC 22301, ISO/IEC 27018, ISO/IEC 9001, CMMI, ITIL, TMMI is a plus.
