Job Title: Consultant
Location: Kingdom of Saudi Arabia (KSA) – Riyadh
Function: Internal Audit and Financial Advisory
Experience Level: Consultant (3–5 years)
Role Overview:
Protiviti is seeking a high-performing Consultant - Internal Audit to support the delivery of internal audit, risk assessment, and governance engagements across financial services, fintech, payments, capital companies, investment management, and diversified corporates. The role involves end-to-end participation in audit engagements, close collaboration with clients and adherence to regulatory and professional standards.
Key Responsibilities
Internal Audit
- Execute risk-based internal audits in accordance with the approved annual audit plan, internal audit charter and established audit methodologies, ensuring alignment with organizational objectives and regulatory expectations.
- Perform end-to-end process walkthroughs to develop a thorough understanding of business processes, identify key risks and assess the design and implementation of internal controls.
- Conduct control design reviews and operating effectiveness testing, applying appropriate audit techniques, sampling methodologies and data analysis to evaluate the adequacy and effectiveness of controls.
- Prepare and maintain comprehensive audit working papers, including test plans, evidence, analyses, and conclusions, in compliance with IIA Standards and internal quality assurance requirements.
- Identify control deficiencies, process inefficiencies, and compliance gaps, assess root causes and evaluate their potential financial, operational and regulatory impact.
- Develop clear, concise, and value-added audit observations, including well-articulated risk implications and practical, business-focused recommendations tailored to the organization’s risk appetite and operating environment.
- Engage proactively with process owners and auditees to discuss audit findings, validate facts, understand management perspectives and agree on realistic and effective corrective actions.
- Draft, review and finalize audit reports, ensuring accuracy, clarity and consistency, and present key issues, ratings and recommendations to management and relevant committees, as required, with the support of the Project Manager.
- Support audit closure and follow-up activities, including tracking management action plans, validating remediation efforts and reporting on the status of open audit issues.
- Contribute to continuous improvement initiatives within the Internal Audit function by enhancing audit tools, templates and methodologies and by sharing best practices and insights from audit engagements.
Risk & Governance
- Support the execution of enterprise-wide and departmental risk assessments at both inherent and residual levels, including risk identification, risk rating, control evaluation and prioritization.
- Develop, review, and maintain Risk & Control Matrices (RCMs) by mapping key risks to preventive and detective controls, assessing control design and effectiveness and identifying control gaps requiring remediation.
- Assist in the review and enhancement of policies, procedures, charters, and governance frameworks to ensure clarity, completeness and regulatory compliance.
- Evaluate the effectiveness of governance structures, including the roles and responsibilities of the Board, management and committees, to assess adequacy of oversight, escalation mechanisms, and decision-making processes.
- Review and assess the Delegation of Authority (DOA) framework to ensure appropriate authorization limits, segregation of duties, and alignment with the organization’s operational and financial risk profile.
- Assess the design and effectiveness of Board and management committees, including committee charters, composition, frequency of meetings, and documentation of decisions.
- Identify governance gaps and risk management weaknesses, analyze root causes, and articulate clear risk implications with actionable recommendations.
Regulatory & Compliance
- Review compliance with applicable laws, regulations, and regulatory frameworks, including but not limited to SAMA, CMA, SOCPA, and other relevant local and international regulatory requirements.
- Perform compliance reviews and gap assessments against regulatory guidelines, supervisory circulars, and industry standards.
- Support reviews related to Anti-Money Laundering (AML) and Counter-Fraud Framework (CFF).
- Evaluate the alignment of internal policies, procedures, and controls with recognized frameworks and standards such as ISO standards, COSO Internal Control and COSO ERM.
- Review regulatory compliance reports, dashboards and management updates, including tracking remediation of regulatory findings and monitoring the status of open compliance issues.
- Support regulatory inspections, audits, and inquiries by coordinating documentation, responses, and evidence in a structured and timely manner.
Client & Engagement Management
- Interact professionally with client stakeholders during walkthroughs and meetings.
- Support engagement managers in status reporting and deliverable reviews.
- Maintain high standards of confidentiality and professional ethics.
Required Qualifications
- Master's/Bachelor’s degree in Accounting, Finance, Business Administration, or related field.
- 3–5 years of relevant experience in internal audit, risk advisory, or external audit.
- Experience with consulting firms preferred.
Professional Certifications (Preferred)
Technical Skills
- Strong understanding of internal audit methodologies and IIA Standards.
- Hands-on experience in process mapping, control testing, and RCM development.
- Familiarity with COSO Internal Control & ERM frameworks.
- Knowledge of regulatory environments in KSA/GCC is a strong advantage.
- Proficiency in MS Excel, Word, and PowerPoint.