Req Number: 19018BR
We are seeking an Information Systems Auditor to work with the Functional Audits Department under Internal Auditing Admin Area.
Internal Auditing is an independent and objective assurance and consulting activity designed to add value and improve the operations of Aramco. Internal Auditing helps the organization to accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the organization’s risk management, control, and governance processes. Internal Auditing provides members of Management and the Board of Directors with analyses, recommendations and information concerning the activities reviewed.
The successful candidate should hold a Bachelor’s degree in Information Technology or Computer Science is required; while an MBA or applicable Master’s degree is preferred.
At least one professional certification, such as the Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified Information Security Manager or a similar professional credential.
Minimum of 7 years Audit experience gained in Information Technology.
Commitment to travel to accomplish assurance and consulting activities is necessary.
Required Audit experience:
Hands-on audit experience in most aspects of IT controls including: (Systems Development Life Cycle (SDLC) – Application Security – Databases – Operating Systems – Network – Infrastructures – Change Control – Project management – Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) – Plant Networks and Systems – Datacenters and physical security – Data analysis using MS Excel, MS Access, or ACL.
Working knowledge in the majority of the following areas with specialist knowledge in at least one:
SAP: Security, Authorizations and Segregation of Duties, Basis, Business Process Analysis, Portal, and functional and technical knowledge of various SAP applications such as Finance and Controlling, Human Resources, Supply Chain Management and Material Management, Business Information Warehouse, and Customer Relationship Management.
Process and Industrial Control and Automation Systems (SCADA, DCS, PI, RTU, ESD, VMS).
Operating systems (Unix/Linux/Windows).
Network Infrastructure (Routers/Switches/Firewalls/IDS/IPS/VPN/Wireless/NMS).
Storage technologies (SAN/NAS/iSCSI/Archiving).
Application Development and Security (Extranet/Intranet/Java/.Net/ABAP)
Data protection and information security technologies (Encryption, PKI, Digital Rights Management, Active Directory, LDAP).
Relational Database Management Systems (Oracle/MS SQL).
Duties & Responsibilities:
You are expected to perform the following:
Lead auditors and work under the direction of an Audit Manager.
Develop audit programs.
Risk-based audits through observation, substantive testing and data analysis.
Prepare and issue audit reports and management letters.
Supervise and review audit work.
Provide on-the-job training and mentoring to inexperienced staff.
Knowledge transfer to other auditors.
Consulting services to clients.
Deliver Presentation to client Management at the opening and closing meeting.
About Saudi Aramco
Saudi Aramco is the world’s largest integrated oil and gas company; its upstream operations are based in the Kingdom of Saudi Arabia and it also operates a global downstream business. Headquartered in the city of Dhahran, the company operates in eight locations within the Kingdom and 20 locations overseas, and employs around 76,000 people.