Manager - Internal Audit Department
Irbid Manufacturing
Total des années d'expérience :19 years, 8 Mois
Handling and managing IA department planning and operations.
Set the strategic direction of the IT internal audit function to achieve the objectives and responsibilities established by the Audit Committee of the Board of Directors in accordance with the Audit Division Charter and in alignment with the Group's strategies and objectives.
Conduct independent and objective assessments of business processes, systems, and risk management activities and provide accountability for continuous improvement and risk mitigation while offering value-added recommendations for enhanced performance.
Identify and implement appropriate changes to audit programs to achieve comprehensive coverage of high/emerging risk areas, processes, applications, key initiatives, and new and changing regulatory requirements.
Maintain planned staffing levels through effective recruiting and high impact retention strategies including targeted use of external resources.
Ensure adequate depth of subject matter expertise and knowledge to provide audit coverage of the Group's business activities, top risks and new and changing regulatory requirements.
Implement and maintain an effective infrastructure, tools and technologies to support the efficient execution of the audit program
Implement an appropriate risk-based planning methodology designed to provide adequate audit coverage of the business processes and control environment of the Group.
• Leading technology information security and audit team to carryout IT, operational and Technology audits and security assignment for clients in the ME region.
Software and systems slection and functional review projects including feasibility study, SRS, Design, implementation, UATand maintenance and integration.
• Specialize in Business and Technology risk and Enterprise Governance and Risk management ERM wherein I have worked with almost all Private Telecom Operators and many investment companies in Middle East, Africa as well as a leading telecom operator in India.
Security managed services for clients.
Policies and procedures creation in line with best practices such as ISO27001, ITIL, CobiT, PMI, BS25999, TOGAF and EAI.
• I have worked with/Lead multi-functional / multi -national teams across different areas.
• Identifying process gaps and opportunities to reduce risks.
• Led work efforts for numerous IT internal audit reviews at a leading telecom operations and investment companies / financial institutions in the Middle East and Africa. Audit scopes included application security, IT asset management, data privacy, financial application segregation of duties, servers, workstation and telecommunication security, program management, policies and procedures, Service Management, and Business Continuity and disaster Recovery plans.
• Managed reviews of core applications for capacity monitoring and performance. Also managed reviews of Core Network operation center including maintenance, operation and fault management procedures. The review also included SLAs and KPIs for network performance and availability.
Projects manager: project managed many high tech / high value projects Representing the clients PMO as project manager.
IT audit and Security consulting team management
Responsibilities:
• Examine and verify Information System processes and procedures from internal organizations in order to determine the reliability and effectiveness of the existing control systems.
• Continuously analyze business risk profiles and provide assurance that appropriate risk mitigation is taken.
• Provide management with independent and objective reports, evaluations, appraisals, counsel, and recommendations.
• Support the group Audit Manager, Finance/Operation stakeholders, company divisions and subsidiaries in a consulting role by evaluating and recommending improvements to business practices, processes, and control procedures.
• Perform information systems / Security audits over the technical infrastructure, Data Center operations, applications including (Oracle Financial & HRMS, Postpaid critical applications:rating, Billing, mediation, Credit & Collection system), Prepaid application system and associated processes.
• Perform highly technical reviews, configuration and security assessments of areas such as operating systems (Windows and Unix), database management systems, firewalls, routers, and web based applications.
Responsibilities:
• Examine and verify Information System processes and procedures from internal organizations in order to determine the reliability and effectiveness of the existing control systems.
• Continuously analyze business risk profiles and provide assurance that appropriate risk mitigation is taken.
• Provide management with independent and objective reports, evaluations, appraisals, counsel, and recommendations.
• Support the group Audit Manager, Finance/Operation stakeholders, company divisions and subsidiaries in a consulting role by evaluating and recommending improvements to business practices, processes, and control procedures.
• Perform information systems audits over the technical infrastructure, Data Center operations, applications including (Oracle Financial & HRMS, Postpaid critical applications:rating, Billing, mediation, Credit & Collection system), DWH, Prepaid application system and associated processes.
• Perform highly technical reviews, configuration and security assessments of areas such as operating systems (Windows and Unix), database management systems, firewalls, routers, and web based applications.
Certified Information System Security Professional