5.0 - 8.0 years

15 - 20 Lacs

Navi Mumbai

Hybrid

Job Requirements IT/OT Auditor Perform assigned internal audit engagements in the domain of IT and Operational Technology (OT) for ACWA POWER group, from start to finish, inclusive of preplanning, wrap-up activities ensuring application of risk and control concepts to scenarios encountered and identify any potential issues. Job Specific Accountabilities: Perform IT/OT Audits, Cybersecurity reviews, advisory engagements and other influencing activities in highly technical areas of current/emerging technologies within ACWA Power Group. Adapt the audit approach to the ever-changing technology landscape and deliver critical and complex technology audits that impact the group-wide internal controls. Develop detailed Audit Program/Risk & Control Matrix (RCM) for the assigned audit, including potential risk, key controls, audit procedures and the use of audit techniques and tools to evaluate governance, risks, and controls processes. Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, sampling method, etc. Identify high-risk areas, key control points, root causes and implications in relation to IT/OT environments reviewed. Prepare audit report with the conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems, and recommend improvement options to rectify reported deficiencies. Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures. Appraise the adequacy of the corrective actions taken by management on audit recommendations through follow-up audits and periodically review and update the status of management action plans. Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit activities, performance, significant risk exposures, controls/governance issues, and other related matters. Provide relevant business and technology insights into the current, emerging & potential technology issues, trends & opportunities affecting ACWA Power Group. Participate in conducting special reviews and undertake administrative duties as directed by Management. Supplement integrated audits and support business and group auditors in reviewing the technology controls within an operational audit. Minimum Qualification: Bachelor's Degree in Computer Science or related Technology discipline, or equivalent discipline. Minimum Experience, Knowledge & Skills: 5-7 years of varied experience in IT internal auditing and a minimum of 3+ years of work experience in Operational Technology or Industrial Control Systems. Expertise in developing or reviewing IT/OT security programs and conducting cybersecurity assessments for IT/OT environments including ICS, SCADA systems etc. and associated OT network architecture. Solid foundational knowledge of IT/OT security landscape including but not limited to, network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and OT integration with traditional IT systems (IT and OT Convergence). Solid understanding of OT security technologies such as Data diode, EDR, Antimalware, patch management, SIEM solution etc. Advance technical knowledge of different operating systems, databases, network infrastructure components (routers, switches, firewalls etc.). Advanced knowledge of OT/ICS-related standards like IEC 62443, NIST 800-82. Knowledge and understanding of Regulatory Standards such as NCA (ECC, OTCC, CCC etc.), NESA, ISR etc. Knowledge and experience with OEMs Honeywell, Yokogawa, Siemens etc. systems will be added advantage. In-depth knowledge of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, ISO27000, NIST) and their interpretation/application to IS/IT auditing practice. Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action. Expertise in collecting and analyzing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions. Extensive knowledge of planning and project management areas. Professional Certifications: IT audit certification such as CISA OT or ICS-related certifications are highly desirable. Other related certifications (CISSP, CISM, GIAC, GICSP, IEC-62443 etc.) are preferred.

Posted 2 days ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.