Manager - Technology & Cyber Security Audit

Manager - Technology & Cyber Security Audit

To conduct audits within the technology and cybersecurity domains, specifically for a fully cloud-agnostic environment with advanced cyberdefence and DevOps capabilities.

Key Tasks and Accountabilities:

• Plan, schedule, execute, and monitor audits within assigned domains, ensuring alignment with approved audit plans and timelines.
• Conduct audit work in accordance with internal audit standards, regulatory requirements, and international frameworks such as ISO, PCI DSS, NESA, SWIFT-CSP, SOC2, and CCSS.
• Produce comprehensive audit reports detailing findings, associated risks, and actionable recommendations.
• Monitor and follow up on the closure of previously raised audit findings to ensure timely resolution.
• Participate in investigations, special reviews, or other related assignments as directed by the Head of Technology & Cybersecurity Audit and Chief Audit Executive.
• Provide regular updates to the Head of Technology & Cybersecurity Audit, department heads, and other relevant stakeholders on audit progress and corrective measures.
• Act as the subject matter expert for technology and data analytics requirements within the Internal Audit Department. Periodically review information technology and security architectures to ensure compliance with internal policies and regulatory standards.
• Support other business audits by performing data extraction and analytics. Facilitate continuous auditing by implementing innovative data-driven methodologies.
• Continuously refine audit methodologies, tools, and processes to enhance the efficiency and effectiveness of audit activities. Ensure alignment of audit practices with emerging technologies, trends, and industry best practices.
• Periodically assess contracts and service level agreements (SLAs) with third-party service providers to ensure adherence to agreed-upon terms. Coordinate with outsourced staff to ensure quality and consistency in audit assignments.

Key Skills:

• Strong understanding of technology platforms, risk management, and control frameworks to ensure comprehensive evaluation and compliance.
• Expertise in core technology infrastructure, network, and security operations.
• Experience in security testing, including firewalls, security architectures, and OWASP guidelines.
• Familiarity with emerging technologies and trends in cybersecurity, cloud environments, and software development practices, including DevOps and CI/CD pipelines.
• Knowledge of blockchain, distributed ledger technologies, and industry standards and best practices for digital assets. Familiar with smart contracts, decentralized applications (dApps), and blockchain infrastructure and integrations.

Required Qualifications & Experience:

• Bachelor's or Master's degree preferably in Computer Science or Information Systems.
• Professional Certifications (one or more): CISA, CISSP, COBIT/ITIL, PCI DSS / ISO 27001, CCSK/CCSP, GSEC/ CGIH, CDPSE/CIPM.
• 5 to 10 years of work experience spread across Technology, IT Audit, or Cyber Security, preferably within the financial sector in the Middle East.