IT Risk Assessment and Cyber Security Audits Job
Posted date 2021-Feb-19
Key Responsibilities:
This role is for performing IT Risk Assessment/ Cyber Security Audits on behalf of the firm. The role shall include, but is not limited to, the activities below:
a. Review the client's IT risks/ cybersecurity framework and IT risk management capabilities
b. Perform IT risk assessments to identify, evaluate and analyze current and potential risks, gaps and vulnerabilities in the client's IT infrastructure, IT applications and platforms, etc.
c. Evaluate the quality and effectiveness of the IT processes, IT operations, etc. within the organization
d. Perform operational assessment including evaluation of licenses, users, capacity, DR Readiness etc.
e. Assess the security governance and compliance by evaluating the IT systems, infrastructure, access, etc.
f. Assess the comprehensiveness and correctness of existing IT policies and procedures documents
g. Conduct technical assessment by evaluating the technical skills of the client's IT department
h. Recommend action plans that mitigate or remediate the findings in alignment with the industry best practices
i. Recommend action plans for emerging IT risks.
j. Design and draft reports independently, based on the assessments performed
k. Provide subject matter expertise on information security related requirements, understanding the requirement
Desired Attributes
Must be bilingual, i.e. fluent in speaking English and Arabic
Prior consulting experience with Big 4 is preferable
Experience in serving clients across different industry sectors, especially in Insurance and Banking
Must have sound knowledge and understanding of security governance, information system audits, compliance and risk management, information security principles, cyber security, etc.
Prior experience in databases and reporting tools shall be preferred
Should have working knowledge (auditing & implementing) of common security standards and frameworks such as ISO 27001, ISO 22301, NIST-CSF, COBIT, PCI-DSS, BCMS, ISMS, etc.
Sound understanding of IT-related risks, such as data security, cyber security, efficiency and availability, etc.
Lead/ assist/ deliver engagements maintaining high quality standards
Excellent communication and interpersonal skills
Excellent documentation skills especially on MS Office (Excel, Word, PowerPoint)
Years of Experience
More than 5 years of post-qualification experience in IT Risk Assessment and IT Security Governance & Compliance
Preferably delivered projects for clients (onsite or remote) in the Middle East and Africa (MENA) region
Qualifications
Master's/ Bachelor's Degree in Computer Science/ Information Technology/ related field from a premier institute
Desirable Certifications: CISA/ CISM/ CISSP/ Lead Implementer/ Lead Auditor ISO 27001, ISO 20000, ISO 9001, etc.