JOB SUMMARY
(The main reason for the position, in what context and what is the overall end result)
The Assistant Vice President – IT Internal Audit is responsible for leading and executing the organization's IT audit strategy to provide independent assurance over technology governance, cybersecurity, digital transformation, enterprise applications, infrastructure, cloud environments, IT application controls and IT general controls (ITGC). The role partners with senior management to evaluate technology risks, strengthen internal controls, and provide strategic recommendations that enhance business resilience, regulatory compliance, and operational effectiveness. The position also supports data-driven auditing, continuous auditing initiatives, and the adoption of emerging technologies within the Internal Audit function
DUTIES AND RESPONSIBILITIES
(Major responsibilities and target accomplishments expected of the position including the typical problems encountered in carrying out the responsibilities
IT Audit & Assurance
- Develop and execute risk-based IT audit plans aligned with enterprise objectives
- Conduct audits covering IT General Controls (ITGC), IT application controls, ERP systems, databases, infrastructure, cloud platforms, and digital solutions
- Evaluate governance over technology investments and IT strategy execution
- Assess compliance with internal policies, industry standards, and regulatory requirements
- Provide independent assurance on the effectiveness of technology controls
Cybersecurity & Information Security Reviews
- Assess cybersecurity governance and control maturity
- Review identity and access management processes, privileged access controls, and user provisioning
- Evaluate network security, endpoint protection, vulnerability management, and incident response capabilities
- Review cloud security controls and third-party technology risks
- Assess business continuity and disaster recovery capabilities
Data Analytics & Technology Innovation
- Utilize data analytics and visualization tools to improve audit effectiveness
- Develop continuous auditing and continuous monitoring capabilities
- Apply automation and AI-enabled techniques to enhance audit coverage
- Analyze technology trends and emerging risks affecting the organization
Technology Project & Digital Transformation Assurance
- Participate in pre-implementation and post-implementation reviews of major technology projects
- Assess risks associated with ERP implementations, cloud migrations, and system integrations
- Review controls embedded within digital transformation initiatives
- Provide recommendations to strengthen project governance and implementation quality
Audit Reporting & Governance
- Prepare executive-level audit reports and present findings to senior management and Audit Committee
- Monitor remediation activities and validate closure of audit issues
- Maintain audit documentation in accordance with professional standards
- Coordinate with external auditors, regulators, and business stakeholders where required
Team Leadership & Capability Development
- Coach and mentor audit team members
- Promote data-driven auditing methodologies and best practices
- Support talent development and knowledge sharing within the Internal Audit function
- Drive continuous improvement initiatives across audit processes
JOB SPECIFICATION
Education and Experience
- Bachelor's degree in Information Technology, Computer Science, Information Systems, Cybersecurity, Accounting, or a related discipline
- Master's degree (MBA, Information Systems, Cybersecurity, or equivalent) is preferred
- Professional certifications such as CISA, CISSP, CIA, CRISC, CISM, CPA, or CGEIT are highly desirable
- Minimum 10 years of experience in IT Audit, Information Security, Technology Risk, or Internal Audit.
- At least 5 years of leadership or management experience overseeing complex audit engagements or teams
- Proven experience auditing ERP systems, cloud technologies, cybersecurity, and IT infrastructure
- Experience applying data analytics or automation within audit processes
- Strong background in communicating audit results to executive management and governance committees
Required Skills/Abilities:
Knowledge & Technical Competencies
- Risk-Based Internal Auditing methodology
- IT General Controls (ITGC) and Application Controls
- Cybersecurity Governance and Security Frameworks (e.g., NIST, ISO 2
- 7001).Cloud Security and Infrastructure Aud
- iting.ERP platforms (SAP, Oracle, Microsoft Dynamics,
- etc.).Data Analytics and Visualization (Power BI, Tableau, SQL, ACL,IDEA)
- Technology Risk Management and IT Governance (COBIT,ITIL
- Business Continuity Planning (BCP) and Disaster
- Recovery Regulatory Compliance and Data Privacy
- Project Assurance and Digital Transformation
- Risk Continuous Auditing and Audit Automation
Attributes & Soft Skills
- Strategic thinking and strong business acumen
- High level of integrity and professional skepticism
- Excellent analytical and problem-solving capabilities
- Executive presentation and communication skills
- Strong stakeholder management and influencing ability
- Ability to simplify complex technology risks into business language
- Leadership and coaching capabilities
- Change management and continuous improvement mindset
- Excellent project management and prioritization skills
- Collaborative approach with strong cross-functional partnership skills