TDC Lead for ITGC

OVERVIEW

Position

Internal Audit – Information Technology Audit Lead

Job Code

Reports to

Internal Audit – Technology & Data Audit Manager

Direct Reports

-

Division/Section

Technology & Data

Department

NEOM Internal Audit

Sector

N/A

Job Family

Role Purpose

As a Information Technology Audit Lead, you play a pivotal role in the IT auditing and controls testing process, positioned strategically between the audit team and management. Your primary responsibilities include coordinating and overseeing the daily activities of the Tech & Data audit team, ensuring the effective execution of IT audit plans, and maintaining the highest standards of quality and accuracy. Your expertise in IT auditing principles and practices is vital in guiding the team through complex auditing processes, while also serving as a mentor to junior auditors. You liaise with the Tech & Data Audit Manager to report on audit quality, progress, and findings, contributing significantly to the identification and assessment of potential risks. Your role is essential in upholding compliance with regulatory frameworks and in helping to create a collaborative and knowledge-driven environment within the team.

BACKGROUND, SKILLS & QUALIFICATIONS

• Experience required:
  • Minimum 4-6 years’ experience in IT Audit or other Risk Management / Compliance function, preferably 2+ years’ experience in external audit / risk assurance (ideally Big4).
  • Knowledge of risk assessment models, auditing standards, reporting procedures and delivery of IT audits.
  • Advanced understanding of risk management concepts and techniques.
  • Familiarity with advanced IPPF audit standards and regulatory requirements.
  • Understanding of core standards relevant to audit.
  • Experience in IT General Control (ITGC) testing (incl. access management, change management, IT operations), IT governance, IT internal controls evaluation, and third-party assurance.
  • Experience in SOX 404 and/or ISO 27001 is an advantage. 
  • Solid project management and organization skills.
  • Self-starter and ability to manage time and meet deadlines in a fast moving and multi-cultural organization.
  • Strong speaking, presentation, mathematical, analytical, communication (written and oral), time management and decision-making skills.
  • Attention to details, and effective and efficient enforcement of high-quality standards.
  • Ability to train and mentor junior auditors.
  • Experience in the use of technology to automate the operations of an internal audit function.
  • Proficiency in data analysis tools and techniques.
  • Knowledge of security, authorizations, concept of Segregation of Duties, and controls for SAP systems (primarily SAP S4HANA) is an advantage. 
  • Experience in TeamMate Audit Management Systems is an advantage.

• Qualifications required:
  • Minimum Bachelor’s degree, preferably in Business Information Technology or relevant Technology field.
  • Relevant professional qualifications (e.g. CISA, CRISC, ITIL, etc.) or local equivalent.
  • Additional qualification in Information Security, Data Privacy and/or Data Analytics is an advantage.
  • A commitment to continuing Education in auditing, project management, technology is required.
  • Must become a member of the Institute of Internal Auditors (IIA).

KEY ACCOUNTABILITIES & ACTIVITIES

Technical Audit Skills

• Support the delivery of IT audits according to the relevant KSA regulatory authorities, and where appropriate, other international/ industry standards.
• Cultivates big-picture perspective by considering the context of processes and maturity of the department, system or facility being audited.
• Develops an understanding of organizational context through thorough determination and understanding of internal and external business risk and non-compliance issues that can impact the organization and its objectives.
• Investigates and understands the root causes of audit findings and uses them as the basis for determining remediation activities and assessing the effectiveness of those actions.
• Demonstrates understanding of auditee perspectives and awareness of business risks and non-compliance challenges faced by stakeholders and show empathy during the process.
• Recognizes opportunities for enhanced quality or efficiencies and challenges with, or considerations of implementing automation, analytics, and AI.
• Ensures that management are kept abreast of significant audit issues if and when they arise, and that audit findings and next steps are agreed with all relevant stakeholders prior to circulation.
• Performs self-assessment and quality control to ensure audit reports and other deliverables are of sufficient quality when presented to stakeholders and/or Audit Senior Management for review.
• Coordinates with Internal Audit team in following up open and overdue observations.
• Ensures that emerging business risks are proactively understood and reported to audit leadership promptly.