Manager - IT Audit

Description:

The IT Audit Manager is responsible for leading and managing the planning, execution, and reporting of information technology audits and reviews.

This role ensures the organization's IT systems and controls comply with internal policies, industry standards, and regulatory requirements.

The position requires deep knowledge of IT systems, cybersecurity, data privacy, risk management, and auditing practices.

Responsibilities:

- Lead and manage IT audit engagements from planning to execution and reporting.

- Develop risk-based audit plans and programs to assess IT controls and processes.

- Evaluate the adequacy and effectiveness of IT general controls (ITGC), application controls, cybersecurity, and data privacy measures.

- Identify and assess risks related to IT systems, infrastructure, and processes.

- Ensure audits align with relevant standards such as COBIT, NIST, ISO 27001 and SOX (where applicable).

- Monitor and review compliance with internal policies and external regulations (e.g, GDPR, HIPAA, PCI-DSS).

- Prepare and present clear and concise audit reports with findings, risk assessments, and actionable recommendations.

- Communicate audit results to senior management and stakeholders.

- Supervise and mentor audit staff and consultants during engagements.

- Collaborate with other departments such as IT, Risk Management, and Legal to enhance the control environment.

- Stay updated with emerging technology risks and industry trends.

- Recommend improvements to audit methodologies and risk assessment techniques.

Requirements:

- Bachelor's / master's degree in Information Systems, Computer Science, Accounting, or a related field.

- Professional certifications preferred: CISA, CISM, CISSP, CIA, or CPA.

- Minimum 5-8 years of experience in IT auditing, information security, or risk management, including at least 2 years in a supervisory or managerial role.

- Strong knowledge of IT systems, networks, databases, cybersecurity, and cloud computing.

- Experience with audit tools and GRC platforms.

- Excellent analytical, communication, and interpersonal skills.

- Ability to manage multiple projects and meet deadlines.

- Experience in a regulated industry (e.g , finance, healthcare, insurance, etc.

- Familiarity with ERP systems such as SAP, Oracle, or Workday.

- Knowledge of data analytics tools (e.g , ACL, IDEA, Power BI).

- Experience with SOC 1/SOC 2 reviews or third-party risk assessments