JOB SCOPE

To plan and execute the audits related to IT systems & networks infrastructure, applications, data security management systems & Cybersecurity to ensure compliance with laws, regulations, and industry standards. Assess and test IT controls to identify weaknesses or deficiencies in the IT infrastructure and systems. Provide assurance, consultancy and recommendations on control deficiencies to the audit, risk & committee.

ACCOUNTABILITIES

• Contribute to the development of annual year risk-based audit plans and perform risk assessment and identification of potential auditable areas as required by audit standards.
• Align the IT audit strategy with the airport’s Internal Audit Strategy and risk management framework, ensuring it supports organizational objectives.
• Develop and implement continuous monitoring capabilities to enhance audit coverage and effectiveness. Audit key airports IT systems for security, compliance, and operational effectiveness.
• Evaluate cybersecurity, data privacy, disaster recovery, and third-party risks to protect digital infrastructure and data assets.
• Develop & Implement data analytics to enhance audit testing, risk assessments, fraud detection, and performance monitoring.
• Lead automation initiatives and real-time dashboards to enable continuous auditing and improve efficiency.
• Ensure IT systems comply with aviation regulations, data privacy laws, and internal control frameworks.
• Coordinate with ERM and user departments to ensure that the ERM risks flow into the Audit Universe
• Oversee audits of network security, Identity & Access Management (IAM), endpoint protection, and incident response preparedness.
• Review data governance policies and Mobile Device Management (MDM) systems for compliance, accuracy, and data integrity.
• Advise senior leadership on emerging IT risks, technology threats, and digital transformation impacts on audit processes.
• Drive Audit Innovation and Lead the adoption of advanced technologies like RPA, AI-based risk scoring, and analytics to improve audit processes.
• Foster a data-driven audit culture and mentor staff on analytics tools and continuous learning.
• Support the implementation and optimization of GRC tools, ensuring integration with audit workflows.
• Owner of Audit Automation System: Oversee the implementation, maintenance, and usage of the audit automation system (Teammate).
• Escalate critical operational risks to the CAE and ARC and Represent Internal Audit on technical risk matters.

QUALIFICATIONS AND EXPERIENCE

• Bachelor’s degree in Computer Science, Information Systems, IT or any relevant field. Master’s degree is a plus.
• Minimum of 12-15 years of related work experience in IT & data analytics audit with 3 - 4 years in supervisory level, preferable in aviation sector.
• CISA or equivalent International Professional Certification in Information Security Audit.
• Excellent leadership, mentoring and communication skills.

SKILLS AND COMPETENCIES

• Strategic thinking
• Leadership
• Problem solving
• Attention to Detail
• Negotiation
• Influencing
• Results focus
• Communication
• Situational awareness
• Teamwork