Lead Auditor, IT Infrastructure

Role Purpose

To conduct Technology/Network Audits independently as per the annual Internal Audit plan, including network infrastructure and security controls review, network access. May be part of a larger team of Lead Auditors / Auditors / Asst. Auditors for large scale Network \ Technology Audits. To conduct Quality Assurance reviews (QAR) and Compliance Monitoring of IT & Network Infrastructure for risk management and effectiveness in accordance with IA Plan and IA Manual.

Position Information

• Unit: Internal Audit
• Division: Technology Audit
• Location: HQ
• Line Manager: SM –Technology Audit.
• Grade: P5
• Minimum role requirements:
• Qualification: Bachelor in relevant field, preferably in in Information Technology, Computer Science, or related field. Professional certification such as, CISA \ CISSP \ CEH \CIPM \ CIPP \CISM .
• Experience: 8 years of experience
  
  

Key Accountabilities

• Conduct the assessment of the various aspects of Telecom & IT Network Infrastructure Audits (LAN, WAN, firewalls, switches, routers, and other network components) in accordance with the Internal Audit plan and IA Manual as part of a team of Lead Auditors / Auditors / Asst. Auditors
• Lead assessment of Network architecture, network configuration, network access checks and security controls of Telecom & IT Networks.
• Conduct Vulnerability Assessment (VA) and Penetration Testing (PT) to identify possible risks and highlight them in the Internal Audit reports.
• Coordinate with IT division and department heads along with the Manager, in all matters relating to Telecom & IT Network audit findings, recommendations and required implementation to ensure that all audit observations are communicated and addressed.
• Document required implementation activities and work closely with Business Units and department heads for audit follow-up and implementation audits.
• Review and prepared Internal Audit reports for accuracy of findings, observations and clarity of recommendations and corrective actions from the completed Telecom & IT Network Infrastructure audits.
• Review follow-up audit reports in conjunction with previous audit reports and highlight necessary escalations and corrective actions.
• Review compliance monitoring reports for identified and recorded areas of gaps, risks and non-compliance leading to Omantel’s financial / operational impact in the Audit Report for Audit Committee.
• Ensure any corrective action requests (CARs) are responded to in a timely manner to ensure the removal of any non-conformances and their root cause identified during QAR.
• Lead Compliance Monitoring audits to ensure that the operations of the Omantel are being carried out within the legal and regulatory framework of Oman.
• Highlight areas of gaps, risks and non-compliance during Compliance Monitoring audits that may lead to Omantel’s financial / operational impact
• Provide recommendations to improve existing processes and controls to meet cybersecurity and data privacy standards and mitigate risk.