Overview

IT Audit Jobs in Riyadh, Saudi Arabia at Emdad By Elm

Title: IT Audit

Company: Emdad By Elm

Location: Riyadh, Saudi Arabia

About:

The Associate Principal – IT & Cyber Audit supports the Internal Audit function in providing independent and objective assurance over IT systems, cybersecurity controls, and digital initiatives. The role focuses on assessing the adequacy and effectiveness of IT governance, information security, cyber resilience, and technology-enabled processes to ensure alignment with regulatory requirements, organizational policies, and strategic objectives. The position contributes to strengthening the organization’s control environment, managing technology risks, and enhancing trust in digital services and platforms.

Responsibilities:

  • Plan and execute IT and cybersecurity audits in accordance with the approved audit plan and internal audit methodology.
  • Assess general IT controls (ITGCs), application controls, and cybersecurity controls across systems, platforms, and infrastructure.
  • Evaluate compliance with relevant frameworks and standards (e.g., NCA, ISO 27001, COBIT).
  • Prepare clear, concise audit reports highlighting observations, root causes, risks, and practical recommendations.
  • Track management action plans and validate the timely and effective closure of audit issues.
  • Engage with IT, cybersecurity, and business stakeholders to understand systems, processes, and risk exposures.
  • Provide advisory input on control design for new systems, digital initiatives, and major IT projects when required.
  • Stay updated on emerging technology and cyber risks, regulatory changes, and leading audit practices.
  • Contribute to the enhancement of IT audit tools, techniques, and methodologies.

Requirements:

  • Bachelor’s degree in information technology, Computer Science, Information Systems, Cybersecurity, or a related field.
  • Relevant experience in IT audit, cybersecurity, risk management, or technology assurance.
  • Experience within government, regulated environments, or large complex organizations is preferred.
  • IT General Controls (ITGCs)
  • Cybersecurity controls and frameworks
  • Cloud and digital platforms
  • Identity and Access Management (IAM)
  • Data protection and privacy controls
  • GRC tools and audit analytics
  • Strong analytical and critical thinking skills
  • Clear written and verbal communication
  • Stakeholder management and collaboration
  • Attention to detail and professional judgment
  • Having one of these certificates is an advantage:
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • CRISC
  • ISO 27001 Lead Auditor / Implementer
Upload your CV/resume or any other relevant file. Max. file size: 800 MB.