About the Position
The internal audit function at Aramco Overseas Company is seeking to add an Information Technology (IT) audit professional to strengthen the function. This IT audit position will interact with various levels of management across multiple businesses and operations and report to the Chief Internal Auditor of the company. This position provides unparalleled opportunity to learn about the Company’s various businesses and operations. This position is expected to be based in the city of The Hague in the Netherlands, with approximately 10-15% travel.
• Provide Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security.
• Responsible for developing and maintaining the IT Universe and IT Risk Assessment at the Company Level under the oversight of the Chief Auditor; including identifying areas where business units should consider additional investment and areas internal audit should focus on.
• Conduct audits or lead audit teams in performance of IT audits and reviews of systems, applications and IT processes. Prepare and report results to executives and/or Audit Committees. These include;
o Perform pre and post- implementation reviews of system implementations or enhancements.
o IT security audits (e.g. network, operating system and data center), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.
o Evaluate information general computing controls and provide value added feedback. Test compliance with those controls.
o Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.
• Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
• Conduct audits or lead audit teams in operational / financial audits.
Qualifications & Skills
A. Education and Training:
o Degree in Computer Science, Information Technology, Computer Information Systems, IT Risk Management/Governance, Business Administration, Finance, or Accounting.
o Certified Information Systems Auditor (CISA) (essential).
o Certified Cloud Security Professional (CCSP) (highly desired)
o Understanding of multiple technology domains including software development, operating systems, database management, networking, and Cloud Computing.
o Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.
o Excellent English skills both written and oral
B. Technical or Professional Experience
o Minimum 8+ years of relevant IT background experience.
o Prior position in IT Governance/IT Audit – internal audit or external auditing firm.
o Progressive achievement in one or more of the traditional IT disciplines (applications, operations, infrastructure, and management).
o Experience with IT Operations desirable.
C. Skills Requirements:
o Outstanding interpersonal and communications skills; ability to communicate effectively with technical and non-technical audiences.
o Expert knowledge of internal auditing, internal controls, risk management, and finance and accounting practices and methods.
o Comprehensive understanding of internal control environments within the IT function.
o Experience with multiple technology domains including aspects of operating systems, SAP and/or database administration, software development, networking and cloud computing.
o Excellent leadership and teamwork skills.
o Proactive, hands-on, results-driven orientation required.
o Ability to blend exceptional attention to detail with an ability to retain strategic direction within a rapidly evolving entrepreneurial business culture.
o Ability to produce high quality work products for both the IT groups and Senior Management.
Additional Desirable Qualifications:
· Holds a university degree in either Computer Science, Information Technology, Computer Information Systems, IT Risk Management/Governance, Business Administration, Finance, or Accounting
· Recognized information systems/accounting/auditing/ certifications (e.g. CISA, CCSP, CISA, CISSP, CPA, CIA, etc.)
· Big Four Accounting Firm experience