Head of Non-Applications & ICT Security Audit Unit

Job Duties:

• Lead and manage ICT audit engagements covering infrastructure, cybersecurity, datacenter operations, and system software.
• Oversee audits of network security, firewalls, databases, and operating systems (Windows, Linux, etc.).
• Evaluate cybersecurity frameworks, incident response processes, and IT security governance.
• Assess General IT Controls (GITCs) and technical configurations across servers, systems, and IT services.
• Identify vulnerabilities, control gaps, and areas for improvement in technical environments.
• Provide guidance and mentorship to ICT auditors within the team.
• Collaborate with information security, infrastructure, and risk management teams to ensure audit alignment with enterprise risk priorities.
• Prepare comprehensive audit reports and communicate findings to senior management.
• Stay current with emerging technologies, cyber threats, and evolving audit techniques.
• To prepare detailed audit reports with actionable recommendations.
• To stay updated on emerging cyber threats and industry best practices.
• To ensure compliance with audit standards and regulations.

Job Qualifications & Skills:

• Bachelor’s degree in Information Technology, Computer Engineering, Cybersecurity, or related field.
• 7+ years of progressive experience in IT audit, cybersecurity audit, or technical risk assessment.
• 2+ years in a supervisory or team leader role.
• Strong knowledge of infrastructure technologies (servers, networks, virtualization, cloud platforms, databases).
• Hands-on understanding of cybersecurity controls, vulnerability management, incident response, and identity & access management.
• Familiarity with frameworks and standards such as NIST, COBIT, ISO 27001, ITIL, and CIS Controls.
• Certifications such as CISA, CISM, CISSP, or CRISC highly preferred.
• Excellent communication, leadership, and project management skills.