Mazars Qatar Governance & Risk Internal Controls practice in Qatar looking for an experienced Senior Internal Audit with 3-5 years’ experience to work within our team delivering on Internal Audit, Governance, Program & IT Assurance engagements to our public and corporate sector clients. This role provides an outstanding opportunity for an individual with considerable experience in IT Governance and Risk Management to join our growing team and gain exposure to a dynamic mix of client engagements.
About the role
The role of the senior/consultant is to provide support to the senior manager and partner in the performance of these various types of engagements.
The major part of the work is based in Qatar, but you will be serving not just the Qatar unit but will be part of Gulf Countries center of excellence. With some travel to regional offices and the locations of service providers.
Expected candidates to have:
- Previous (3-5 years) experience in either IT Audit or IT consultancy environment, preferably big 4 experience.
- Excellent communication skills. This involves, in part, a persuasive consultancy role with clients and, in part, an ability to write high quality (and also high profile) reports which provide balanced, concise and authoritative judgements. These reports are made available to senior management, including the firm’s Audit and Risk Committee.
- Excellent organisational skills.
- Self-motivated and able to prioritise own workload.
- Ability to manage a number of projects at the same time.
- Willing and flexible attitude.
- Good understanding of IT risks and IT project management.
- A commitment to internal auditing as a career.
- Team player.
- Good coaching skills.
- Able to work under pressure, on own initiative and as part of a team.
- Ability to establish good working relationships with clients and colleagues at a more senior level.
- Committed to acquiring qualifications, gaining new experience and updating skills.
- Preferably, one to four years post-qualification IT auditing experience in either an external audit or an internal audit environment. Training will be provided to close knowledge gaps.
- A good understanding of IT systems and controls.
- Knowledge and/or experience of using COBIT, ISO27001 and ISO22301
- Gained or be working towards a relevant professional qualification (CISA, CIA, PMP, CEH, CISSP, PRINCE2)
- Understanding of the risk, control and regulatory issues
- Ability to build relationships quickly and develop effective and challenging relationships with clients.
- Experience of driving formal sales processes and working with different internal teams on those proposals (e.g. technology risk, regulatory risk and management consulting teams)
Typically the work includes:
- Preparing and managing the project time budget
- Documenting the work plan for carrying out the project.
- Reviews of the general IT controls environment cover, but are not limited to, organisational and operational controls, change management, system interfaces, systems development including segregation between development and production environments, program development and testing, configuration and release management process network controls, physical security, user authentication controls, administrator account controls, back-up and recovery, file and data permissions, incident management and configuration controls.
- Applications. Applications controls reviews typically would involve interviewing client staff, observing procedures, reviewing documentation, testing controls and procedures and some re-performance.
- Business continuity planning – this involves reviewing the business continuity and disaster recovery framework from the strategic level downwards
- Program assurance reviews – providing the IT project management controls and the effecrtivness of IT project execution according to generablly accepted practices and PMP standards