Kent | IT Internal Audit Manager

IT Internal Audit Manager

Skills & Responsibilities:

• Own, develop, execute and manage the annual IT internal audit plan aligned with business objectives and key IT risk areas.
• Lead audits across IT general controls, application controls, project systems, cybersecurity, IT infrastructure, networks, cloud environments, data, change programmes, and IT related processes.
• Assist in or take ownership of select audits across operational, financial, compliance, process, project, and contract areas as needed.
• Own the IA function s data analytics and AI adoption, acting as the primary analytics partner for audit teams by using data to identify risks, anomalies, and trends across IT and business processes, driving targeted testing and supporting risk-based decision-making.
• Lead the extraction, preparation, and analysis of data from ERP (Oracle) and other business systems to drive operational and IT audit testing, ensuring robust, accurate populations and insights.
• Conduct risk assessments and ensure appropriate audit coverage of higher-risk IT areas.
• Review internal controls, identify gaps or vulnerabilities, assess root causes, and recommend practical, business-focused solutions.

• Prepare clear and well-structured audit reports outlining findings, implications, and actionable recommendations.
• Present audit outcomes to senior management and support the development and closure of remediation plans.
• Monitor implementation of corrective actions and conduct follow-up reviews.
• Ensure compliance with Internal Audit Standards (IIA), relevant IT audit frameworks, and company policies, and drive continuous improvement of internal audit methodology, SOPs, and practices.

• Partner with IT, Security, and business teams to understand processes, identify risks, and provide trusted advisory support, maintaining independence and professional judgment.
• Deliver practical guidance during process changes, system enhancements, and strategic initiatives, ensuring effective controls and risk management.
• Build credibility and influence across all levels, fostering accountability, strong relationships, and operational excellence.

• Support development and enhancement of the IT and other internal control and risk management frameworks.
• Identify emerging IT and other risks within the EPC sector and recommend proactive mitigation strategies to strengthen business resilience.
• Promote a culture of governance, compliance and continuous improvement.

In addition to the responsibilities listed herein, the employee may be required to perform other ad-hoc tasks as needed or directed by the supervisor or management. These tasks will be within the reasonable scope of the employees skills, capabilities, and role within the organization. The intent of this provision is to allow for flexibility and adaptability in meeting the dynamic needs of the organization, ensuring that operational requirements can be met efficiently. All such tasks will be assigned considering the employees current workload and with respect to their professional development

Your knowledge/skills, education, and experience:

• Certified Information Systems Auditor (CISA) is mandatory.
• Chartered Accountant (CA, ACA, ACCA, CPA or equivalent) is mandatory.
• Certified Internal Auditor (CIA) strongly preferred.
• 5 10 years post qualification experience in IT internal audit, technology risk, cybersecurity audit, or related roles.
• Bachelor s degree in commerce, IT, Computer Science, Information Systems, or related field.
• Additional IT-risk or cybersecurity certifications (CISM, CRISC, or CISSP) are highly desirable.
• IT Internal audit experience is required, with EPC or Oil & Gas experience highly preferred.
• Strong knowledge of auditing standards (IIA), IT governance, IT controls, and security frameworks including COBIT, NIST, ISO 27001 and risk management methodologies.

• Excellent command of the English language in both oral and written communication and skills, including report writing and audit reporting to senior management and stakeholders.
• Ability to summarise complex findings clearly, present recommendations, and engage management with clarity and influence.
• Competence in stakeholder engagement by liaising with different business units, external auditors, and management to achieve alignment and buy in for audit findings and remediation.

Behaviour/ Core Competencies:

• Strong analytical thinking, critical judgment, problem solving and commercial awareness.
• High integrity, objectivity, and professional ethics, maintaining independence and confidentiality.
• Works independently, manage multiple audits concurrently, and delivers to tight deadlines with accuracy and discipline.
• Effective influencing, presentation and interpersonal skills.
• Leads and develops the audit team, providing mentorship, overseeing performance, and promoting high standards and continuous development.

Other:

HSSEQ:

Details about the role: