Information Technology Audit Consultant

The company is seeking a skilled IT Audit professional (Assistant Manager / Senior Consultant level) to lead and deliver technology and cybersecurity audit engagements. The role involves assessing IT controls, security frameworks, and governance practices across various environments to ensure alignment with regulatory requirements and industry standards.

Key Responsibilities:

• Technology Audits:

  • Perform audits covering cloud environments, including security, governance, and deployment architecture.
  • Review system configurations, hardening practices, and infrastructure security across platforms.
  • Assess risks related to emerging technologies and recommend mitigation strategies.

• Cybersecurity Audits:

  • Evaluate cybersecurity governance frameworks and organizational security posture.
  • Review identity and access management controls (IAM).
  • Assess network security components including firewalls, IDS/IPS, and web application firewalls (WAF).
  • Conduct or review Vulnerability Assessments and Penetration Testing (VAPT).
  • Assess data protection measures, incident response processes, and security operations.

• IT Controls Assessment:

  • Perform reviews of IT General Controls (ITGC) including access management, change management, and IT operations.
  • Evaluate application controls to ensure data integrity, accuracy, and reliability.

• IT Service Management (ITSM) Audits:

  • Assess IT service management processes aligned with frameworks such as ITIL.
  • Review incident, problem, change, and service request management processes.

• Compliance & Regulatory Audits:

  • Conduct compliance assessments against relevant standards and regulations such as:
    • UAE Information Assurance (UAE IA)
    • ISO 27001
    • NIST
    • CIS Controls
  • Identify gaps and provide actionable recommendations for compliance improvement.

Qualifications & Experience:

• Bachelor's degree in Information Technology, Computer Science, or related field.
• 6–8 years of experience in IT Audit, Technology Risk, or Cybersecurity.
• Experience working in consulting firms or large enterprises is preferred.
• Strong understanding of cloud platforms (AWS, Azure, GCP) and security best practices.
• Hands-on experience in ITGC, ITAC, and cybersecurity audits.

Preferred Certifications:

• CISA (Certified Information Systems Auditor)
• CISSP (Certified Information Systems Security Professional)
• ISO 27001 Lead Auditor / Implementer
• ITIL Certification

Key Skills:

• Strong knowledge of IT audit methodologies and risk assessment techniques.
• Familiarity with cybersecurity tools and technologies.
• Analytical thinking with strong attention to detail.
• Excellent communication and stakeholder management skills.
• Ability to manage multiple engagements and deliver within timelines.

Key Deliverables:

• Audit reports highlighting risks, gaps, and control weaknesses.
• Practical and actionable remediation recommendations.
• Compliance assessment reports aligned with industry standards.
• Stakeholder presentations and audit documentation.

Location: Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates
Work Conditions: On-site, Full-time