IT Auditor

**Purpose**:

- To ensure an acceptable standard of Quality Management System is maintained in accordance with recognized working practice and the company’s Quality Manual and Policy.

**Duties and Responsibilities**:

- Develop risk-based IT Annual Audit Plan.
- Evaluate the effectiveness of IT Risk Management.
- Identifying the weaknesses in a systems network and creating an action plan to prevent security breaches.
- Performs IT audit procedures, including identifying issues, developing criteria, reviewing, and analyzing evidence, and documenting processes and procedures.
- Conducts IT security audits (e.g., network, operating system, and data center), including evaluating if security weaknesses are properly identified and mitigated.
- Perform various reviews of IT Department policies and procedures and other related process such as change management, business continuity planning, disaster recovery and information security management.
- Communicates the results of IT audit and consulting projects via written reports and oral presentations to management and the audit committee.
- Follows-up the action plans related to observations raised during the audits.
- Participates in IT Projects related to IT infrastructure and software development within the scope of internal audit activity.
- Performs audit of the asset management system including IT assets.
- Performs evaluation of internet coverage and performance.
- Performs review of CCTV system, door access system and related physical controls.
- Conducts pre-audit of IT related purchases including the purchase of mobiles and computers and the ability evaluate specifications in relation to needs and its prices.
- Keeper of critical passwords or credentials. Responsible for the change of password on regular interval or whenever necessary.
- Performs any other job assigned by Directors or Group Internal Audit Manager.

**Work Experiences**:

- At least 5 years of experience in IT infrastructure and networks as administrator.
- Adept in network security such as firewalls, anti-virus, anti-malware and other similar security tools.
- Understanding of Information Security Management System, Disaster Recovery and Business Continuity.
- Understanding of cyber-security.
- Understanding of IT governance.
- Understanding of Risk Management System.
- Appreciation of Software Development Lifecycle.

**Skills**:

- Effective verbal and written communication skills
- Analytical skills.
- Leadership skills.
- Interpersonal skills.

**Working Conditions**:
The job requires the employee to work in AZI Group office and requires frequent travelling within Alzayani divisions.

**Job Types**: Full-time, Permanent