Senior IT Auditor

Job Description

Plan, execute, and report on IT audit assignments in accordance with the annual audit plan

Assess the adequacy and effectiveness of IT controls across infrastructure, applications, cybersecurity, and data protection processes

Conduct reviews of IT general controls (ITGCs), application controls, cybersecurity controls, and technology-enabled business processes

Evaluate information security practices, including access management, incident response, network security, and vulnerability management

Perform risk assessments to identify emerging IT risks and provide recommendations to strengthen control environments

Review IT project governance, system development life cycle (SDLC) processes, and technology change management practices

Prepare clear, concise, and insightful audit reports, highlighting issues, root causes, and actionable recommendations

Follow up on audit findings to ensure timely and effective remediation

Collaborate with cross-functional teams to support compliance with internal policies and regulatory requirements

Provide advisory support on IT controls for new systems, digital transformation initiatives, and process automation projects

Bachelor’s degree in Information Technology, Computer Science, Information Systems, or related discipline                                         

"CISA (Certified Information Systems Auditor)

CISSP (Certified Information Systems Security Professional)

CISM (Certified Information Security Manager)

ISO 27001 Lead Auditor

CIA or other relevant certifications"                                               

"Minimum 6–8 years of experience in IT auditing, IT risk management, cybersecurity, or information systems assurance.

Job Summary

The Senior IT Auditor is responsible for evaluating, testing, and enhancing the effectiveness of the organization’s IT governance, risk management, and internal control frameworks. The role ensures that information systems, security controls, and technology operations comply with regulatory requirements, industry standards, and internal policies. The Senior IT Auditor provides expert insights, identifies control gaps, recommends improvements, and supports the organization in safeguarding its digital assets

• Bachelor’s degree in IT engineering, information systems, computer science, cybersecurity, or a related field.
• Professional certifications such as CISA, CISSP, CRISC, CISM or equivalent are highly preferred.
• At least 5 years of IT audit, IT risk, or technology assurance experience with Big 4 firms or major multinational companies (MNCs). Exposure to GCC family business environments is a plus.