IT Auditor - GRC

We are seeking a detail-oriented and analytical IT Auditor – GRC to evaluate and improve the effectiveness of IT controls, risk management, and governance processes. The role involves assessing compliance with regulatory requirements, identifying control gaps, and recommending improvements to strengthen the organization’s IT risk posture.

Key Responsibilities:

• Conduct IT audits covering systems, applications, infrastructure, and processes.
• Evaluate the design and effectiveness of IT general controls (ITGCs).
• Assess compliance with internal policies, standards, and external regulations.
• Perform risk assessments and contribute to the development of audit plans.
• Identify control weaknesses and provide actionable recommendations.
• Review access controls, change management, and data security practices.
• Collaborate with business and IT teams to ensure remediation of audit findings.
• Prepare audit reports and present findings to stakeholders and management.
• Support governance frameworks and risk management initiatives.
• Monitor emerging IT risks, cybersecurity threats, and regulatory changes.

• Strong understanding of ITGC, risk frameworks, and internal controls.
• Professional certifications such as CISA, CRISC, CISSP, or ISO 27001 Lead Auditor are preferred.

Key Skills & Competencies:

• Knowledge of GRC frameworks (e.g., COBIT, ISO 27001, NIST).
• Familiarity with regulatory requirements and standards.
• Strong analytical and problem-solving skills.
• Excellent report writing and communication abilities.
• Ability to work independently and manage multiple priorities.
• Attention to detail with a risk-focused mindset.

Preferred Experience:

• Experience with ERP systems (e.g., SAP, Oracle).
• Exposure to cloud environments and cybersecurity audits.
• Prior experience in financial services, telecom, or large enterprises is an advantage.

Key Performance Indicators (KPIs):

• Timely completion of audit assignments.
• Quality and impact of audit findings and recommendations.
• Effectiveness of risk mitigation and control improvements.
• Stakeholder satisfaction and audit report quality.

Job Type: Full-time

Pay: AED6,000.00 - AED15,000.00 per month

Work Location: In person