ROLE OVERVIEW

We are seeking a skilled IT Audit professional (Assistant Manager / Senior Consultant level) to lead and deliver technology and cybersecurity audit engagements. The role involves assessing IT controls, security frameworks, and governance practices across a range of environments, ensuring alignment with regulatory requirements and industry standards.

KEY RESPONSIBILITIES

Technology Audits

• Perform audits covering cloud environments, including security, governance, and deployment architecture
• Review system configurations, hardening practices, and infrastructure security across platforms
• Assess risks related to emerging technologies and recommend mitigation strategies

Cybersecurity Audits

• Evaluate cybersecurity governance frameworks and organizational security posture
• Review identity and access management controls (IAM)
• Assess network security components including firewalls, IDS/IPS, and web application firewalls (WAF)
• Conduct or review Vulnerability Assessments and Penetration Testing (VAPT)
• Assess data protection measures, incident response processes, and security operations

IT Controls Assessment

• Perform reviews of IT General Controls (ITGC) including access management, change management, and IT operations
• Evaluate application controls to ensure data integrity, accuracy, and reliability
• IT Service Management (ITSM) Audits
• Assess IT service management processes aligned with frameworks such as ITIL
• Review incident, problem, change, and service request management processes

Compliance & Regulatory Audits

• Conduct compliance assessments against relevant standards and regulations such as:
  • UAE Information Assurance (UAE IA)
  • ISO 27001
  • NIST
  • CIS Controls
• Identify gaps and provide actionable recommendations for compliance improvement

QUALIFICATIONS & EXPERIENCE

• Bachelor's degree in Information Technology, Computer Science, or related field
• 6–8 years of experience in IT Audit, Technology Risk, or Cybersecurity
• Experience working in consulting firms or large enterprises is preferred
• Strong understanding of cloud platforms (AWS, Azure, GCP) and security best practices
• Hands-on experience in ITGC, ITAC, and cybersecurity audits

Preferred Certifications

• CISA (Certified Information Systems Auditor)
• CISSP (Certified Information Systems Security Professional)
• ISO 27001 Lead Auditor / Implementer
• ITIL Certification

Key Skills

• Strong knowledge of IT audit methodologies and risk assessment techniques
• Familiarity with cybersecurity tools and technologies
• Analytical thinking with strong attention to detail
• Excellent communication and stakeholder management skills
• Ability to manage multiple engagements and deliver within timelines

Key Deliverables

• Audit reports highlighting risks, gaps, and control weaknesses
• Practical and actionable remediation recommendations
• Compliance assessment reports aligned with industry standards
• Stakeholder presentations and audit documentation

Vertical

Technology