Risk & Audit Analyst

Job type: Permanent
Job ref: 32557
Published: about 2 months ago

Start: ASAP

Job Type: Permanent

Location: Remote

Qualifications of the Role:

  • Bachelor's degree in information technology, Cybersecurity, Computer Science, or a related field.

  • Professional certifications such as Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC) are highly preferred.

  • A minimum of 3-5 years of experience in IT risk management, auditing

  • Strong understanding of IT risk frameworks (e.g., NIST, ISO 27001) and auditing standards.

  • Experience with security assessment tools and techniques, including vulnerability assessments and penetration testing.

  • Excellent communication skills, with the ability to convey technical information to non-technical stakeholders.

What We Are Looking For?

  • A proactive and detail-oriented individual with a strong analytical mindset who can identify and assess IT risks effectively.

  • A collaborative team player who can work across various departments to promote a culture of risk awareness and compliance.

  • Someone with a strong ethical foundation, demonstrating integrity and a commitment to maintaining the highest standards in information security.

  • An adaptable and self-motivated candidate who thrives in a dynamic environment and can prioritize tasks to meet tight deadlines.

  • Good experience in IT risk and audit.

  • Fluent Arabic and English Language is a must.

What You Will Be Doing in the Role?

  • Conducting comprehensive IT risk assessments and audits to identify vulnerabilities and recommend appropriate mitigation strategies.

  • Evaluating the effectiveness of existing IT controls and security measures to ensure compliance with industry standards and regulations.

  • Collaborating with IT teams to implement risk management frameworks and security policies, ensuring alignment with organizational goals.

  • Performing regular security assessments, including vulnerability scans and penetration tests, to proactively identify and address risks.

  • Preparing detailed audit reports that summarize findings, provide actionable recommendations, and present results to stakeholders.

  • Monitoring compliance with IT policies and regulatory requirements, providing guidance and support to departments as needed.

  • Assisting in the development and delivery of training programs to raise awareness of IT risk and security best practices across the organization.

  • Develop contingency plans to manage Crises