Systems Auditor

The Systems Auditor is responsible for risk assessment related to information systems, evaluation of ICT controls supporting business processes, and detailed independent review of the internal control environment for Car and General entities across the region.

Job Description and Key Responsibilities

This role is in charge of the Information System audit function within the Internal Audit Department, reporting directly to the Head of Audit. Key duties include:

• Lead the Information System audit function.
• Assist in the annual risk assessment process and generation of the annual audit plan.
• Report on cyber maturity in line with industry requirements and best standards.
• Evaluate compliance against ICT policies, standards, and regulatory requirements.
• Perform vulnerability assessment tests and penetration tests for internal systems and third-party supported applications.
• Perform in-depth ICT reviews, including access control, change management, system development, operating procedures, backup and disaster recovery, infrastructure review, and network security. Demonstrated experience in audits of SAP based systems is required.
• Advise the organization and perform reviews to enhance data privacy and business continuity maturity.
• Develop and implement the annual Information Systems audit plan in liaison with the Head of Internal Audit and provide support in coordinating the affairs of the Audit committee.
• Identify opportunities to automate audit procedures and develop scripts for increased efficiency and accuracy.
• Assist in extraction and analysis of audit data using data analytical tools.
• Assist the internal audit team and ICT teams in acquisition of audit, monitoring, and analytical tools as required.
• Provide special advisory audits and investigations as required.
• Prepare high-quality and detailed reports for discussion with management and presentation to the audit committee.
• Follow up on ICT-related audit matters and update the Head of Audit on a regular basis.
• Assist in training/mentoring staff on the use of analytical tools and any other ICT-related matters.
• Perform other related duties relating to business operations.

Required Qualifications and Experience

Candidates must meet the following criteria:

• Clear understanding of the audit process, including IT audits related to business processes.
• A degree from a recognized University, preferably in Computer Science or a related field.
• At least 3 years’ relevant experience.
• Possession of professional IT audit certifications (e.g., CISA, CISM, CISSP, CRISC, CEH).
• Experience in the use of data analytics tools.
• Excellent interpersonal, communication, and presentation skills.
• Ability to work under minimum supervision.
• Experience in audit of SAP systems is an added advantage.