IT Auditor
- PetroApp
- Maadi, Cairo Governorate, Egypt
- Full-time
وصف الوظيفة
Key Responsibilities:
- Security Audits: Conduct thorough security audits of the company systems to evaluate the effectiveness of security controls and identify vulnerabilities.
- Risk Assessment: Perform risk assessments to identify potential security threats and weaknesses in IT infrastructure, applications, and processes.
- Compliance Monitoring: Ensure compliance with relevant security standards and regulations (e.g., PCI-DSS, GDPR, ISO 27001) by evaluating existing security policies and practices.
- Incident Response Evaluation: Review and assess the effectiveness of incident response plans and security incident management processes.
- Security Framework Implementation: Collaborate with IT and security teams to implement security frameworks and best practices that align with industry standards.
- Reporting and Recommendations: Prepare detailed audit reports highlighting security findings, risks, and actionable recommendations to enhance the organization's security posture.
- Stakeholder Collaboration: Work closely with cross-functional teams, including IT, compliance, and risk management, to promote a culture of security awareness and best practices.
إمتيازات الوظيفة
- Private Health Insurance
- Performance Bonus
متطلبات الوظيفة
- Bachelor’s degree in information technology, Cybersecurity, Computer Science, or a related field.
- Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Risk and Information Systems Control (CRISC) are strongly preferred.
- Minimum of 5-7 years of experience in IT auditing with a focus on security, preferably within the fintech industry.
- Proficiency in security auditing methodologies and tools, including experience with vulnerability assessment tools and security information and event management systems.
- Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management principles. Familiarity with application security practices and secure software development lifecycle (SDLC) is essential. Experience in assessing third-party security risks and conducting vendor security assessments.
- Exceptional analytical and problem-solving abilities, with strong communication skills to convey complex security issues to both technical and non-technical audiences. Detail-oriented with excellent organizational skills.
- Willingness to travel internationally as needed for audit engagements.
