Job Title: IT Auditor
Location: Riyadh, Saudi Arabia
Job Type: Full-Time
Experience Level: Senior (4+ years of experience)
Job Summary:
We are seeking a highly skilled Senior Information Technology (IT) Performance Auditor to lead and execute complex audits focused on assessing the economy, efficiency, and effectiveness of IT systems and processes within the organization. The ideal candidate will possess extensive experience in IT auditing, a deep understanding of performance audit principles, and a proven ability to deliver insights that drive significant improvements in IT operations and governance.
Key Responsibilities:
Audit Planning and Strategy:
- Develop and lead the planning of IT performance audits, including defining audit objectives, scope, methodologies, and criteria in alignment with ISSAI 300 and related IT audit standards.
- Identify high-risk areas in IT operations that require audit attention, including system development, cybersecurity, data management, and IT governance.
- Design comprehensive audit plans that address both strategic IT objectives and operational effectiveness.
Audit Execution:
- Oversee and conduct detailed audits of IT systems and processes, focusing on areas such as system reliability, data integrity, cybersecurity controls, and compliance with regulatory standards.
- Evaluate the effectiveness and efficiency of IT infrastructure, applications, and processes, identifying areas for cost savings, performance improvement, and risk mitigation.
- Collaborate with cross-functional teams to gather and analyze audit evidence, ensuring that audit findings are based on sufficient and appropriate data.
Reporting and Communication:
- Prepare and review comprehensive audit reports that clearly communicate findings, conclusions, and recommendations to IT management and other stakeholders.
- Present audit findings to senior management, emphasizing areas of concern and actionable recommendations for improvement.
- Maintain effective communication with IT stakeholders throughout the audit process, ensuring transparency and fostering collaboration.
Follow-up and Impact Assessment:
- Conduct follow-up audits to assess the implementation of audit recommendations and the effectiveness of corrective actions taken by the IT department.
- Analyze trends and themes across IT audits to provide strategic insights for ongoing improvement of IT governance and operations.
Leadership and Mentorship:
- Lead, mentor, and develop junior auditors within the IT audit team, fostering a culture of continuous learning and professional development.
- Collaborate with senior management to build IT audit capacity within the organization and ensure the IT audit function is equipped to address emerging risks and challenges.
Qualifications:
- Education: Bachelor’s degree in Information Technology, Computer Science, Information Systems, or a related field. professional certifications (e.g., CISA, CISSP, CISM) is preferred.
- Experience: A minimum of 3 years of experience in IT auditing, with at least 1 year in a senior role focused on performance auditing of IT systems and processes.
- Skills:
- Deep knowledge of IT performance audit principles and methodologies, particularly those related to ISSAI 300 and IT audit standards (e.g., COBIT, ISO 27001).
- Strong analytical skills with the ability to assess complex IT environments and identify areas for improvement.
- Excellent report-writing and communication skills, with experience presenting audit findings to executive leadership.
- Proven ability to manage and lead large-scale IT audit projects, including resource management, risk assessment, and quality control.
- Strong leadership and mentoring skills, with a focus on developing audit talent and building team capacity.
Preferred Experience:
- Experience in auditing IT systems within government entities or large organizations, with a focus on aligning IT operations with organizational goals and compliance requirements.
- Familiarity with industry best practices in IT governance, risk management, and cybersecurity.
Key Competencies:
- Professional judgement and skepticism
- Quality control and materiality assessment in IT contexts
- In-depth understanding of IT governance and regulatory frameworks
- Ability to manage IT audit risk and ensure the credibility of audit findings