IT Internal Audit

Job Title: IT Internal Auditor

Location: Gulshan-e-Iqbal, Block 14, Karachi

Role Summary:

We are seeking an experienced IT *Internal Auditor* to join our internal audit team. You will spearhead IT audit engagements for clients (mainly technology companies), providing independent assurance over their IT risk, controls, and compliance frameworks. This role includes delivering audit fieldwork, drafting impactful audit reports, and presenting findings to client stakeholders. To ensure success, an IT auditor must be capable of maintaining the confidentiality of sensitive information while working with a variety of technologies, security problems, and troubleshooting of the network.

Key Responsibilities:

-Lead and execute *IT audit engagements*, covering IT general controls (ITGCs), application controls, cybersecurity, change management, access controls, disaster recovery, cloud environments, and SDLC.

-Develop risk-based *audit plans*, design and conduct testing procedures, prepare clear and thorough audit documentation and workpapers.

-Draft and deliver persuasive *audit reports* detailing risk findings, root causes, control gaps, and recommendation remediation strategies. Present these to both internal teams and client management.

-Oversee *audit team*, provide mentoring, and guide development—especially relevant for outsourced team structures.

-Maintain audit quality and standards, ensuring consistency and compliance across engagements.

-Adapt to different client environments across industries (technology, financial services, etc.) and work in a fast-paced, dynamic setting.

-Conduct efficient and effective IT audit procedures.

-Perform regular audit testing and provide recommendations.

-Review, evaluate, and test application controls.

-Provide recommendations and guidance on identified security and control risks.

-Develop a strong understanding of business and system processes.

Qualifications:

-A degree in information technology/computer information systems or related.

-Relevant certifications beneficial: *CISA*, *CISM*, *CISSP*, *CIA* or equivalent.

Experience and Skills:

-At least 3-5 years of IT audit experience (internal or external), preferably in technology, financial services, or audit outsourcing context.

-Strong understanding of *technology risk*, audit methodologies, risk assessment, IT control objectives, and ability to translate technical controls into business risk terms.

-Ability to work under pressure in a fast-paced environment.

-Practical experience with *audit tools*, CAAT/continuous auditing methods, and ERP technologies such as SAP, Oracle, etc.

-Strong attention to detail with an analytical mind and outstanding problem-solving skills.

-Great awareness of cybersecurity trends and hacking techniques.

How to apply: interested candidates can drop their resumes directly at talent@fossphorus.com and CC: rjaved@fossphorus.com

Job Type: Full-time

Pay: Rs100,000.00 - Rs150,000.00 per month

Work Location: In person