A well-known and well-reputed Company based in Dubai, United Arab Emirates is looking for an experienced, skilled, competent, mature, qualified, creative, and intelligent candidate with significant knowledge and relevant working experience for the position of “Senior IT Auditor”.
|Company Name||DP World, Dubai|
|Qualification||Bachelors Degree | CISA | CISSP | CIA | PMP | CISM | CRISC|
|Experience||8 – 11 years of Relevant Experience Required|
|Monthly Salary||15,000 AED – 18,000 AED|
|Employment Type||Full Time | Permanent|
|Company Size||50-100 Employees|
- To use your development background and skills on technical IT Audits – to plan and conduct audits on full-stack Dev Ops – Web, Mobile, native Application stack to assess adequacy and effectiveness of security and development controls as well as good practices.
- To risk assess, plan & perform IT & Technical audits at any DPW group location either independently or as part of a team to assess the adequacy of IT & Secure Dev Ops controls in line with COBIT, ITIL, PMI, ISO27001, DPW HO IT policies, and other applicable IT, security & development frameworks, standards/ regulations.
- To produce effective and accurate IT audit findings and recommendations to remediate the control weaknesses and improve the overall maturity of the development and IT processes.
- To independently plan and conduct moderately complex technical IT audits with a specific focus on full-stack development, code reviews, configuration reviews, workflow testing, developer testing, functional & integration testing, on in-house and 3rd party developed application/ products.
- Act as an advisor to Group IT and other IT departments on Full stack development, problem-solving, development of good practices.
- Evaluating key IT & development risks across the group, Planning IT audit, defining & documenting audit scope, along with the Head of Tech Audit. To work with other Tech Audit team members on all audits as required.
- Engage with technical IT teams to identify and remediate software opportunities related to code quality, security, framework development, and software usability refinement.
- Document and Report findings & recommendations in an audit report in a concise easily understood manner to relevant parties, with supporting documentation and evidence to back up the findings.
- Develop, execute and maintain a comprehensive library of IT & Secure Dev Ops audit work programs including full-stack technology, databases, web portals and applications, e-commerce, and other systems.
- Follow up on closure of O/S Audit Issues on prior audit business units twice per annum, review and validate closure evidence and provide status data on Open/Closed issues to GIA Manager/Deputy/CIA as required.
- Keep up to date with the IT & software development industry trends and advancements by investing in self-learning and being an active member and contributor at organizations such as ISACA, Dev Ops forums, Development groups, emerging full-stack technologies.
- Enthusiasm for innovation in the tech industry, including continuous learning and improvement.
- Support the Head of Tech Audit on non-audit-related projects and initiatives.
- Accumulate and share good practices within the DPW terminal portfolio and external entities.
- Develop and maintain professional relationships with auditees’ IT teams to create an expert network, leverage the global expert network, promote synergy within various DPW IT departments.
- Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviors in harmony with DP World’s Founder’s Principles, values, and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World’s Code of Conduct and Ethics policies
- Perform other related duties as assigned
Qualifications, Experience, and Skills
Knowledge & Experience:
- Proven delivery Experience with Secure DevOps and full-stack technology and methodologies including mobile stack, a Web stack, or a native application stack
- Experience in Cloud technologies/methodologies: AWS, Azure, Salesforce, CIDC, a plus
- Well versed with Agile, Containerised programming, Ecommerce applications, payment processing, Blockchain, AI, complex Data analytics, and business intelligence highly valued
- Understanding and delivery in both the front-end and back-end of an application, in databases, server configuration, user interface, microservices, API, development frameworks, and third-party libraries
- Ability to analyze complex situations and Writing clean, functional code on the front- and back-end, Analyzing existing code to identify coding or other issues, identifying, testing, and fixing bugs.
- Experience with Code reviews, including Secure development methodology, pre-implementation, during, and post-implementation assessments), with web security or debugging tools (ex: capture with Fiddler, Wireshark, etc)
- Knowledge of Technical Product Management
- Possess technical depth and applied experience in multi-layer solution development, performance tuning, solution debug, incident triage/remediation, and usability improvement.
- Ability to demonstrate adaptive experience gaining technical situational depth quickly, quantifying impact assessment, triage & root causing activities, defining remediation options, and expressing declarative technical recommendations.
- Strong working knowledge of Kubernetes – installation, maintenance, and operational, hosted Kubernetes on AWS, Azure, or GCP and Installing and maintaining on-premise Kubernetes infrastructure
- Working knowledge of automation tools such as Ansible, Chef, Puppet, Terraform, etc.
- Experience in automation of code deployment across multiple cloud providers, with Orchestration and Automation Platform products (i.e. Concourse, Jenkins, Airflow, etc.)
- Experience with Elasticsearch, Hadoop, Redis, and PostgreSQL a plus
- Knowledge of standards such as COBIT, ITIL, PMI, PRINCE2, Understand development frameworks and methodologies (SDLC, Agile, SCRUM, etc.)
- Independently plan and complete work seeking guidance from Head of Tech Audit and Tech audit managers as needed.
- Consistently document relevant facts and information which support the work performed and effectively evaluate audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence.
- Provide professional support to rest of Internal Audit team and identify and maintain IT audit technical and best practice standards within the Group
- Work with Group and Regional IT departments to promote best practices, IT policy compliance, and consistent products and practice.
- Strategy, analysis, design, coding, unit testing, client-side and server-side architecture; Create security and data protection settings; Successfully tested or implemented controls from the OWASP Top10,oauth2, and SANS Top 25
- Grasp of IT Audit concepts, with some experience in IT, Audits highly valued
- Application Control testing – Reviewing a variety of computerized information systems such as Financial systems, systems that support Terminal Operations and Engineering Asset Management
- Comfortable working in time-sensitive situations. Flexibility, ability to change priorities quickly, and capacity to handle multiple tasks are often required of this position.
- Performing code reviews, Test software to ensure responsiveness and efficiency
- Proven experience crafting and presenting a technical, solution, and strategic documentation
- Strong analytical and problem-solving skills, good commercial and business acumen
- Bachelor’s degree in Computer Science, Engineering or related field
- Professional qualification e.g. CISA, CISSP, CISM, CRISC, PMP, CIA, or other certification a plus
- Minimum 8-10 years post qualification software development experience, with 5-7 years as a software engineer or developer
- 5+ years experience in development using modern languages and stack
- 3+ years with cloud-based development and deployment
- Desirable IT Audit experience (or combination of IT Audit and Systems Development)
- Interest in understanding complex data relationships to solve business problems
- Outstanding communication skills (oral, written, and presentation)
- Self-motivated and able to work well with minimal supervision
- Positive attitude and demeanor with a collaborative personality
- Able to travel between 30% and 70% of the time to locations around the world
- Ability to work as a team player with flexible hours in split remote working environments
- Proficiency in languages e.g. Arabic, French, Spanish, Cantonese, Mandarin, Korean an advantage