Manager Digital & New Technologies

The Audit department leads risk-based IT and Technology audit engagements to provide independent assurance over the effectiveness of technology controls, system processes, cybersecurity posture, and IT governance. The role delivers critical insights and recommendations that strengthen control reliability, regulatory compliance, and the operational and security resilience of technology environments across the organization.

Key Accountabilities

• IT Audit Planning & Execution – Develop and deliver comprehensive risk‑based IT/technology audit plans covering ITGCs and key technology domains (e.g., application and interface controls, infrastructure/operations, identity & access, change/release, backup/recovery, cybersecurity, cloud, data, and DevSecOps).
• End‑to‑End Engagement Management – Lead the full IT audit lifecycle from scoping and planning through fieldwork, issue validation, reporting, and remediation tracking in line with Internal Audit methodology.
• Reporting & Communication – Produce clear, concise, and impact‑oriented IT audit reports for the Director, articulating key risks, control gaps, root causes, and actionable technology‑focused recommendations.
• Stakeholder Partnership – Collaborate with IT service owners, architects, security, and business leaders to agree on pragmatic action plans, set remediation timelines, and monitor closure of findings to sustainably reduce risk.
• Regulatory & Standards Alignment – Maintain current knowledge of relevant frameworks and regulations (e.g., COBIT, ISO/IEC 27001, NIST CSF, ITIL, data privacy/cyber mandates) to ensure audit approaches remain fit‑for‑purpose and comprehensive.
• Continuous Improvement & Analytics – Enhance audit methods, tooling, and automation, leveraging data analytics, control telemetry, and continuous monitoring to increase coverage, efficiency, and the insight quality of IT assurance.

Requirements

• Bachelor's degree in IT, Cybersecurity, or related field.
• Professional certification (CISA, CISM, CISSP, or equivalent) mandatory requirement.
• 10+ years of progressive experience in internal audit, external audit, IT audit, cybersecurity, or technology control functions.
• 2–3 years of supervisory or managerial experience leading IT or technology audit teams.
• Demonstrated expertise in assessing IT controls, including ITGCs, application controls, cybersecurity processes, and technology elements supporting financial reporting (ICOFR).
• Strong understanding of risk‑based audit methodologies and assurance frameworks (e.g., COSO, COBIT, NIST, ISO 27001, IIA Standards).
• Experience with data analytics, automation, and audit‑support tools (preferred), with the ability to leverage technology to enhance audit efficiency and insight quality.
• Strong understanding of technology‑enabled control environments, including how IT processes, systems, and configurations impact financial reporting, compliance, and operational integrity.
• Excellent analytical, critical‑thinking, and problem‑solving skills, with the ability to evaluate complex IT environments and identify control gaps with precision.
• Proficiency in data analytics tools and audit management platforms, leveraging automation and analytics to enhance IT audit coverage and insight quality.
• Strong project management capabilities, with the ability to lead and coordinate multiple technology audit engagements concurrently.
• Exceptional written and verbal communication skills, enabling clear articulation of technical risks, control deficiencies, and recommendations to stakeholders at all levels.
• Advanced proficiency in Microsoft Excel, data visualization tools, and experience working with ERP and core IT systems, including understanding of system configurations, logs, and automated controls.
• Ability to build strong, collaborative relationships with IT, cybersecurity, operations, and business teams to drive effective remediation and strengthen the control environment.