The Role
The IT Auditor will conduct security audits, perform risk assessments, ensure compliance with security standards, evaluate incident response plans, and implement security frameworks while preparing detailed audit reports and collaborating with cross-functional teams to enhance security posture.
Summary Generated by Built In
Key Responsibilities:
- Security Audits: Conduct thorough security audits of the company systems to evaluate the effectiveness of security controls and identify vulnerabilities.
- Risk Assessment: Perform risk assessments to identify potential security threats and weaknesses in IT infrastructure, applications, and processes.
- Compliance Monitoring: Ensure compliance with relevant security standards and regulations (e.g., PCI-DSS, GDPR, ISO 27001) by evaluating existing security policies and practices.
- Incident Response Evaluation: Review and assess the effectiveness of incident response plans and security incident management processes.
- Security Framework Implementation: Collaborate with IT and security teams to implement security frameworks and best practices that align with industry standards.
- Reporting and Recommendations: Prepare detailed audit reports highlighting security findings, risks, and actionable recommendations to enhance the organization's security posture.
- Stakeholder Collaboration: Work closely with cross-functional teams, including IT, compliance, and risk management, to promote a culture of security awareness and best practices.
- Bachelor’s degree in information technology, Cybersecurity, Computer Science, or a related field.
- Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Risk and Information Systems Control (CRISC) are strongly preferred.
- Minimum of 5-7 years of experience in IT auditing with a focus on security, preferably within the fintech industry.
- Proficiency in security auditing methodologies and tools, including experience with vulnerability assessment tools and security information and event management systems.
- Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management principles. Familiarity with application security practices and secure software development lifecycle (SDLC) is essential. Experience in assessing third-party security risks and conducting vendor security assessments.
- Exceptional analytical and problem-solving abilities, with strong communication skills to convey complex security issues to both technical and non-technical audiences. Detail-oriented with excellent organizational skills.
- Willingness to travel internationally as needed for audit engagements.
- Private Health Insurance
- Performance Bonus
The Company
What We Do
PetroApp is a smart system based on NFC technology which enables companies and individuals to eliminate waste, to control and monitor the fuel consumption and its distribution.
PetroApp has a large gas stations network all over the Kingdom