Internal Audit & Risk Management Officer

The Internal Audit & Risk Management person would be responsible for overseeing and managing a portfolio of audits & Risk Management. The role involves assessing internal controls, risk management processes, financial reporting, and ensuring compliance with legal and regulatory standards. This individual will play a critical role in safeguarding the company’s assets, driving operational efficiency, and ensuring adherence to company policies and industry standards.

Key Responsibilities

- Audit Planning & Strategy:

• Participate in building the annual internal audit plan in collaboration with senior management, ensuring alignment with the organization's objectives and risk profile.

• Participate and lead in discussions with management and senior stakeholders on Enterprise Risk Management.

• Participate in risk assessments to identify key areas of concern and prioritize audits & risk activities accordingly.

- Delivery:

• Participate and lead to deliver the audits and ERM activities.

• Perform audits of financial, operational, compliance, and IT-related areas in both the corporate and software-specific sectors.

• Evaluate the adequacy and effectiveness of internal controls, risk management practices, and corporate governance processes.

- Compliance & Regulatory Oversight:

• Ensure the company complies with relevant local and international regulatory frameworks, Data Protection Regulation, and industry-specific standards.

• Monitor and report on the effectiveness of compliance programs and internal control procedures.

- Reporting & Communication:

• Prepare detailed audit reports summarizing findings, risks, and recommendations.

• Prepare, evaluate and present ERM plan & findings.

• Present audit results and provide actionable insights.

• Work closely with stakeholders to discuss audit results and drive the implementation of corrective actions.

- Continuous Improvement:

• Identify areas for improvement in internal controls, audit processes, and risk management.

• Recommend and implement best practices to enhance efficiency and effectiveness in the internal audit function.

• Stay updated on industry trends, emerging risks, and new audit methodologies relevant to the software and GCC sectors.

- Collaboration with External Auditors & Stakeholders:

• Act as the primary point of contact for external auditors and regulatory bodies during audits and reviews.

• Collaborate with other departments such as finance, legal, compliance, and IT to understand operational challenges and address audit findings.

• Regular interactions with senior leadership for ERM.

- Business Continuity Plan:

• For situations triggering BCP, call for emergency meeting with the Control Authority /BCP members, identify control actions required and track them to closure.

• Organizes BCM committee meetings.

• Define BCMS organization.

• Implementation of BCMS tasks (e.g., BCP tests, trainings) in the organization.

• Define yearly BCP plan in Jan which include the time for review & update BCMS framework.

• Sharing of LL&BP in the BCP trainings & management meeting.

• Follows-up open points from BCMS review minutes.

• Review on open points from BCP test lessons learnt and audit.

Qualifications:

• Bachelor’s degree in Auditing, Accounting, Finance, Business, or a related field.

• CA/CIA/CPA/ICAEW or equivalent certification preferred.

• 5+ years of experience in internal audit & risk management, preferably in the software or GCC industries or Big 4 consulting companies.

• Experience with risk-based auditing and knowledge of IT audit frameworks.

• Experience in auditing software development lifecycle or technology-driven processes is an advantage.

Key Skills and Competencies:

• Strong understanding of internal audit methodologies, risk management, and corporate governance frameworks.

• Expertise in software development processes, IT controls, and security risk management.

• Strong analytical skills, with the ability to assess complex systems and identify control weaknesses.

• Excellent communication skills, both written and verbal, to communicate audit findings to senior management and stakeholders.

• Leadership capabilities to manage teams and drive cross-functional collaboration.

• Knowledge of ERP systems, financial reporting tools, and audit software.