Senior Auditor, IT (Digital Infrastructure)

ADNOC· Abu Dhabi, United Arab Emirates· Posted 1h ago· via ADNOC
region UAE
Apply Now

$ cat job-description.txt

Job Purpose

Perform  assigned  audit engagements in the domain of Digital Infrastrcuture, from start to finish, inclusive of preplanning, wrap up activities ensuring application of risk and control concepts to scenarios encountered, and identify any potential issues within ADNOC and Group Companies.   Contribute in the capacity of SME, in  the  periodic Risk Assessments and development of the Risk-Based Work Plans focusing on Infrastructure Security (Network, Cloud, Systems, Databases etc.) including vulnerability assessments and penetration testing at infrastructure and network layers within ADNOC and Group Companies.

Long Description

KEY ACCOUNTABILITIES :

Job Specific Accountabilities

Internal Audit Plan

- Develop the audit universe to ensure it covers Digital Infrastructure and cybersecurity risks in line with the other D&T risk areas like (Digital governance, OT, process, applications, technology interface, and emerging technologies) that could affect the ADNOC Business operations.

- Review and update the D&T audit universe specifically for Digital Infrastructure and Network.

- Develop and implement strategic initiatives ( e.g. Infrastructure Assurance Plan etc. ) that impact the group-wide audit plans and oversee the execution to ensure it fulfills the objectives.

Audit Execution

- Perform audits, advisory engagements, and other influencing activities in highly technical areas of current/emerging technologies within ADNOC and Group Companies.

- Develop a detailed audit program / Risk & Control Matrix (RCM) for the assigned audit, including the objectives, potential risk, key controls, audit procedures, and the use of audit techniques and tools to evaluate  governance , risks, and controls processes, and submit audit program to the management for review and approval.

Job Specific Accountabilities (Part 1)

- Ensure that adequate working papers and all relevant information are continuously documented and  updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures.

- Ensure that approved audit objectives have been met with adequate coverage of all relevant areas and sufficient audit evidence is obtained to support the conclusion and recommendations in accordance with  professional audit standards.

Audit Reports

- Prepare an audit report with a conclusion, expressing professional opinions on the adequacy and effectiveness of risk  management , control systems, and the efficiency with which activities are carried out. Recommend improvement options to rectify reported deficiencies for Department Manager’s review.

- Recommend  practical enhancements in Digital and Technology governance, risks, and control processes to assist in the achievement of the company's business objectives.

Coordination

- Assist in the periodic reporting to the Audit Committee and Senior Management on Technology audit activities, performance, significant risk exposures, controls/governance issues, and other related matters within ADNOC and Group Companies within ADNOC and Group Companies.

Minimum Qualification

Bachelor's Degree in Computer Science or related Technology discipline, or equivalent discipline

Minimum Experience, Knowledge & Skills

- 8-10 years  of  relevant experience in  D&T or IT  internal auditing, and a minimum of 5+ years of work experience in Digital Infrastructure and cybersecurity domain.

- Advance technical knowledge of core infrastructure, network components (routers, switches, firewalls etc.), cloud security, different operating systems, databases, virtualization technologies and security operations.

- Sound knowledge coupled with extensive experience in technology-related risks in emerging areas such as Cloud, Internet of Things (IoT), Zero-Trust / Defense In-Depth architecture, Identity and Access management, digitalization, automation etc.

- Strong hands-on experience in conducting vulnerability assessments / penetration testings at  infrastructure, network, and system layers.  Bug bounty hunting would be an added advantage.

Minimum Experience, Knowledge & Skills

- Exposure in reviewing infrastructure platforms hosting AI/ML solutions to assess related risks, security controls, and governance aspects across the AI technology stack would be an advantage.

- In-depth knowledge of Digital processes, including, but not limited to, business continuity and disaster recovery, enterprise architecture, infrastructure review (on-prem and cloud), access-right management, change management and DevOps etc.

- In-depth knowledge  of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, ISO27000,  ISO22301  NIST) and their interpretation/ application  to IS/IT auditing practice.

- Experience in managing and tracking time for different Internal Audit-related activities.

- Expertise in  collecting  and analyzing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions

- Extensive  knowledge of planning and project management areas

- Awareness/ knowledge of ERP and Operational Technology (OT) processes and systems. (preferred.

Professional Certifications

- IT audit certification, CISA, is mandatory   or willing to obtain within one year of joining.

- Other related certifications ( GIAC,  CISSP,  OSCP,  CISM,  etc. ) are preferred.

- Technical certifications (CCNA, CCIE ,  ,   Azure , CCSK  / CCSP ,   GPEN etc .) are desirable .

first seen 2026-07-03 08:00:01 · last verified 2026-07-03 08:00:01

pentestcareers.com // breach the job market

Get new pentesting jobs in your inbox