IDB2993 – Lead IT Internal Auditor
Business Unit: President Complex
Division: Not Applicable
Department: Internal Audit
Contract type: Regular Staff
Country: Saudi Arabia
Location: Saudi Arabia – Jeddah
Closing date: 20-Apr-2023
The role is responsible for the efficient development and execution of IsDB’s IT audit plan, by coordinating audits across IsDB to identify risks associated with business objectives and evaluate the general controls of the IT infrastructure and support services including internal accounting controls, operational controls, administrative controls, organizational security policies and procedures, overall policies for the design and use of adequate documents and records, procedures and practices to ensure adequate safeguards over access, physical and logical security policies for all data centres and IT resources.
Driving IT Audit Activities:
- Lead and coordinate the preparation of the IT audit plan including the update of the audit universe and risk assessment.
- Lead the execution of the audit plan, review management processes, and internal controls to assess their adequacy/ effectiveness for ensuring compliance with relevant policies, internal controls, procedures, standards, best practices and applicable Management plans/ decisions, covering infrastructure, information/ cyber security, applications, technology platforms, etc., in the HQ and in the Regional Hubs, in order to ascertain whether controls operate effectively to ensure accountability for decision-making and implementation of decisions.
- Lead reviews of IT applications and underlying systems to ensure effective design and implementation as well as operating effectiveness is achieved.
- Lead the provision of IT audit support to other internal audit units (i.e. Corporate and Operations) for testing information technology controls, reports, and data analysis for business internal audit assignments.
- Lead the preparation of a concise and informative audit report to effectively communicate the findings and recommendations to the branch/department and senior management.
- Provide advice and recommendation to IsDB Management (based on the findings of internal audits) and discusses impact of risk related areas.
- Conduct follow-up on IsDB Management’s implementation of internal audit recommendations and participate in the preparation of follow-up reports to the President and audit committee.
- Participate as necessary in IT and Risk committees as an observer to gain an understanding, and advice when needed, on the decisions made by the committee and their implications.
- Perform quality reviews on the IT audit engagements to ensure scope and objectives are achieved and risks are covered in-line with standards and best practices.
- Ensure effective implementation and adherence to policies, procedures and controls so that all relevant procedural / professional requirements are fulfilled.
- Keep abreast of the latest developments, regulations and leading practices in the field and propose any necessary actions.
- Propose and implement process improvements to increase efficiency, effectiveness and compliance of the related business processes.
- Provides motivational and inspirational leadership to the team members and communicates clear performance expectations.
- Coaches, mentors, develops and provides regular feedback to the team members on results at a function level, promptly addressing areas of improvement.
- Supports filling in key capability gaps of the team through capacity development and recruiting efforts.
- Acts as a role – model to communicate to the unit’s staff IsDB’s values and leadership competencies and provides direction and support in times of change.
Education, Experience & Certification:
Academic and professional qualifications:
- Bachelors’ degree in Information Technology, Computer Science or any related fields.
- Professional Auditor qualification, CISA, or similar preferred.
- Minimum 10 years of experience in IT audit, in large organizations or audit firms, of which 3 years of managerial experience.
Skills & Necessary Knowledge:
- Audit operations.
- Audit methodologies and processes.
- Corporate Governance.
- Internal Control and Compliance.
- Information Systems Audit.
- Fraud and corruption detection and investigation.
- Building Relationships.
- Client Centricity and Responsiveness.
- Motivation to Learn and Share.
- Analytical thinking.
- Problem solving.
- Attention to detail.
- Computer Assisted Audit Tools and Techniques (ACL, Process mining tools, Power-BI, Nipper, Nessus).
- Report Writing.
- MS Office