Job Purpose:
Conduct Information Technology (IT)/Operational Technology (OT) audits as per the risk-based Internal Audit Plan and the International Auditing Standards to assess the design and effectiveness of internal controls, risk management and governance related to the process in scope. Further, perform other assignments related to IT/OT as requested. Examples of key areas relevant to the job include reviewing the:
– IT/OT infrastructure and facilities
– Business Application Solution Development and Services
– IT/OT governance and administration
– Operational efficiency and effectiveness of the current process in the achievement of the Company business objectives.
– Information security including PDPL compliance.
– General and application IT controls.
Responsibilities:
1. Participate in the Risk Assessment process, particularly IT & OT processes, for developing the three (3) year Risk Based Internal Audit Plan.
2. Plan, develop and execute the required IT & OT audits of the organization, as per established standards, to evaluate the design and operational effectiveness, determine exposure to risk, and subsequently develop remediation strategies.
3. Identify any previously unidentified risks as well as confirm the strength of the Company’s existing processes and controls in place to address the risks and determine the residual risk accordingly.
4. Produce internal audit findings with recommended action points for the Audit Committee of the Board of Directors and the Management, to enable them to have an objective assessment of processes and operations, systems, and the subsequent mitigation plan.
5. Track and manage all audit issues to completion, making sure that responses from management are received in a timely manner, that audit issues conform to recommendations, and that each has a reasonable estimated completion date and a specifically assigned action owner.
6. Take part in major IT initiatives and projects as well as in reviews of systems, IT Policies and Procedures, and internal controls under development. Participate in special projects or studies such as fraud investigation, risk assessment, due diligence acquisition reviews, audit department policy updates, etc.
7. Assist External Auditors and auditors from National Audit Office to facilitate their review of the Company’s systems by providing requested information.
Qualifications:
• Minimum bachelor’s degree in information technology, computer science or electronics engineering.
• Minimum 10 years of auditing experience in Information Technology/Operational Technology, preferably in a large organization.
• Certification in Information Systems Auditor (CISA)/Cybersecurity Forensic Analyst Certification (CSFA)/Certified Information Systems Security Professional (CISSP)/Certified ISO/IEC 27001 Lead Auditor or equivalent is desirable.
• Sound knowledge of Microsoft Office Suite and Audit Command Language (ACL) audit software.
• Advanced knowledge of network and application vulnerability assessment, IT & OT practices, risk assessment practices, change control, data privacy, and business continuity with broad audit experience across various areas of IT & OT, including databases, operating systems, and applications.
• Strong knowledge of the various auditing standards recognized in the industry, including ISACA IS Audit and Assurance Standards and Guidelines and Institute of Internal Auditors (IIA) Standards and Guidelines.
• Strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Great awareness of IT & OT trends and industry updates.
• Strong presentation, verbal, and written communication skills.