Head - IT Systems Audits (14-18 yrs)

Head IT Systems Audits

Summary:

Is a key leadership role responsible for planning, executing, and reporting on audits related to the organization's IT systems, cyber security frameworks, and digital assets. This role ensures compliance with relevant regulatory standards, identifies potential risks, and provides recommendations for improvement. The successful candidate will have deep expertise in IT audit methodologies, cyber security best practices, and the evolving landscape of digital assets.

Responsibilities:

- Audit Planning and Execution: Develop and implement a comprehensive audit plan covering IT infrastructure, applications, cyber security controls, data governance, and digital asset management. Oversee the execution of audits, ensuring adherence to professional standards and methodologies (e.g., COBIT, NIST, ISO 27001).

- Cyber security Audits: Lead audits of cyber security frameworks, including vulnerability management, penetration testing, incident response, data loss prevention, and security awareness training. Assess the effectiveness of security controls in mitigating cyber threats.

- IT Systems Audits: Manage audits of IT infrastructure, including networks, servers, databases, cloud environments, and applications. Evaluate the effectiveness of IT controls related to change management, access control, system development life cycle, and disaster recovery.

- Digital Asset Audits: Oversee audits related to the organization's digital assets, which may include cryptocurrencies, blockchain technologies, NFTs, and other emerging digital technologies. Assess the risks associated with these assets and evaluate the effectiveness of controls for their custody, management, and valuation.

- Regulatory Compliance: Ensure audits are conducted in accordance with relevant regulatory requirements, such as SOX, GDPR, HIPAA, and industry-specific regulations. Stay abreast of changes in regulations and adapt audit procedures accordingly.

- Risk Assessment: Conduct risk assessments to identify key IT and cyber security risks and prioritize audit activities accordingly. Monitor the evolving threat landscape and its potential impact on the organization.

- Reporting and Communication: Prepare clear and concise audit reports summarizing findings, conclusions, and recommendations. Communicate audit results to management and the audit committee. Track the implementation of management's corrective actions.

- Team Management: Lead and mentor a team of IT auditors, providing guidance, training, and performance evaluations. Foster a culture of continuous improvement within the audit team.

- Stakeholder Collaboration: Collaborate with IT management, cyber security teams, and other stakeholders to understand business processes, identify risks, and provide value-added recommendations.

- Continuous Improvement: Stay current with industry best practices, emerging technologies, and audit methodologies. Identify opportunities to improve the efficiency and effectiveness of the internal audit function.

Qualifications:

- Bachelor's degree in Information Technology, Computer Science, Accounting, or a related field. Master's degree preferred.

- Professional certifications such as CISA, CISSP, CISM, CRISC, or CIA are required.

- Minimum of 15 years of experience in IT audit, cyber security audit, or a related field, with at least 5 years in a management role.

- Deep understanding of IT infrastructure, cyber security frameworks, and digital asset technologies.

- Strong knowledge of audit methodologies, risk assessment techniques, and regulatory requirements.

- Excellent communication, interpersonal, and presentation skills.

- Proven ability to lead and manage teams.

- Experience with data analytics and audit software is a plus.

Key Competencies:

- Technical Expertise (IT, Cyber security, Digital Assets)

- Risk Management

- Audit Methodology

- Regulatory Compliance

- Leadership and Team Management

- Communication and Interpersonal Skills

- Problem-Solving and Analytical Skills

- Strategic Thinking

This job description is intended to convey information essential to understanding the scope of the position and it is not intended to be an exhaustive list of skills, efforts, duties, responsibilities or working conditions associated with the position.