Cyber & Investigation Audit Lead

NEOM is a new vision of what the future could be. It’s an attempt to do something that’s never been done before and it’s coming at a time when the world needs fresh thinking and new solutions. Put simply, NEOM will not only be a destination, but a home for people who dream big and who want to be part of building a new model for sustainable living. NEOM will be a hub for innovation, where established global businesses and emerging players can research, incubate, and commercialize groundbreaking technologies to accelerate human progress.

Role Purpose

As Cyber & Investigation Audit Lead, you play a pivotal role in the auditing process, positioned strategically between the audit team and management. Your primary responsibilities include coordinating and overseeing the daily activities of the audit team, ensuring the effective execution of cybersecurity & investigations audit plans, and maintaining the highest standards of quality and accuracy. Your expertise in security, auditing principles and practices is vital in guiding the team through complex auditing processes, while also serving as a mentor to junior auditors. You liaise with the Audit Manager to report on audit progress and findings, contributing significantly to the identification and assessment of potential risks. Your role is essential in upholding security compliance with regulatory frameworks and in helping to create a collaborative and knowledge-driven environment within the team.

Key Responsibilities:

• Conducts cyber and investigations audits according to the relevant KSA regulatory authorities, and where appropriate, other international/ industry standards.
• Cultivates big-picture perspective by considering the context of processes and maturity of the department, system or facility being audited.
• Develops an understanding of organizational context through thorough determination and understanding of internal and external business risk and non-compliance issues that can impact the organization and its objectives.
• Investigates and understands the root causes of audit findings and uses them as the basis for determining remediation activities and assessing the effectiveness of those actions.
• Demonstrates understanding of auditee perspectives and awareness of business risks and non-compliance challenges faced by stakeholders and show empathy during the process.
• Recognizes opportunities for enhanced quality or efficiencies and challenges with, or considerations of implementing automation, analytics, and AI across each phase of audits.
• Ensures that management are kept abreast of significant audit issues if and when they arise, and that audit findings and next steps are agreed with all relevant stakeholders prior to circulation.
• Performs self-assessment and quality control to ensure audit reports and other deliverables are of sufficient quality when presented to stakeholders and/or Audit Senior Management for review.
• Coordinates with Internal Audit team in following up open and overdue observations.
• Ensures that emerging business risks are proactively understood and reported to audit leadership promptly.
• Manages budget process of all audits on the yearly plan ensuring that costs are managed, and overruns discussed with Manager or Senior Manager in good time.
• Ensures effective team working by providing leadership and performance guidance.
• Participates in on-going IA projects to identify various business risks and non-compliance.
• Ensures effective team working by providing performance guidance and support to the NIA junior audit team members through coaching, feedback, and mentoring.
• Supervises team members during audits to provide on-the-job training and mentoring as required.
• Performs real-time reviews of auditors’ deliverables and provide constructive feedback as and when necessary.
• Ensures that audit methodology and best practices are adhered to during the execution of audits and projects.
• Role model NEOM Values demonstrating effective leadership to all NIA team members.
• Contributes to Thought Leadership initiatives, focused on the relevant global trends to support and develop NEOM approaches, activities, and achievements.
• Adheres to the requirements of the IPPF when planning and conducting an internal audit engagement
• Demonstrates a wide range of hard and soft skills, including but not limited to high attention to detail, financial and business acumen, and immense integrity.
• Identifies relevant and valid criteria and thinks/ operate non-linearly to work smarter and innovatively.
• Reviews existing practices and procedures around governance, positioning, and responsibilities of portfolio management.
• Assists Management in the planning, design, and implementation of appropriate audit plans to ensure that deliverables for assigned audits are achieved.
• Develops strong stakeholder relationships and engages them positively in the initiation, planning, fieldwork and reporting phases of audits to ensure they are aware of upcoming audit plans, audit progress and the status of open audit issues/findings.
• Builds effective relationships and open lines of communication with all stakeholders across NEOM.
• Takes ownership of drafting audit reports and other deliverables to ensure that these are delivered on time and on budget.
• Analyzes own strengths and weaknesses to maximize personal contribution to the organization.
• Guides the internal audit team in using digital tools, creating an environment that supports digital skill development among team members.
• Shows skill in using a variety of digital tools and technologies important for internal auditing.
• Improves audit efficiency by applying digital methods, adding to the overall effectiveness of the audit process.
• Commits to ethical digital practices in your auditing work and encourage the same among your team.
• Plays a noticeable and effective role in advancing digital capabilities within the internal audit function.
• Possesses digital skills demonstrating awareness and application of existing and emerging digital technologies, capabilities, practices, and strategies.
• Demonstrates technical skills, ethics, and abilities to perform activities consistently to a defined standard while maintaining the highest standards of integrity, independence, and skepticism.
• Demonstrates functional vision and ability to anticipate future trends accurately by extrapolating existing trends and facts and filling the gaps in knowledge by thinking innovatively.
• Guides and supports the NIA audit team, including training and mentoring auditors.
• Reviews auditors work to ensure quality and provide timely, constructive feedback.
• Shows NEOM's values in actions and decisions, setting an example in leadership and ethics.
• Supports the strategic development of NIA to meet changing needs.
• Exemplifies and monitors due professional care of the internal audit team.
• Identifies and manages the needs and expectations of the stakeholders.
• Makes a positive impact on others, demonstrates credibility and secures respect and cooperation.

Qualifications:

• Minimum Bachelor’s degree, preferably in Technology field.
• Relevant professional qualifications (e.g. CISA, CISSP, CISM, GSEC, Security+, COBIT, ITIL etc.) or local equivalent.
• Knowledge on KSA National Cybersecurity Authority (NCA) is desired.
• Security knowledge in critical infrastructure, including OT/IOT is desired.
• Must become a member of the Institute of Internal Auditors (IIA).
• Minimum 4-6 years’ experience in IT Audit or other Risk Management / Compliance function in large and complex organisations, with preferably 2+ years’ experience in external audit / risk assurance (ideally Big4).
• Prior experience in cybersecurity audits (planning, leading, and delivering) associated with critical business applications, on-premises & Cloud infrastructure (e.g. Azure, AWS), operating systems (e.g. Windows, Linux), Databa