Auditor
Confidential
Total years of experience :7 years, 1 Months
• Receives and reviews the application of the clients applied for certification.
• Plans for the Audit and coordinates with the client and his own audit team.
• Conducting opening meetings, manage audits, and completing the reports.
• Recommending the CB on issuing the certificate to the clients.
• Responding as Auditee to the Accreditation body audits.
• Travel to client sites for auditory reviews and assessment.
• Training the Junior auditors to meet the requirements of CB, accreditation body, and ISO auditing guidelines.
• Creating IT Security catalog / repository and conduct Info Sec. documentation reviews
• Reviewing, revising, and, where appropriate, proposing new policies and procedures to ensure compliance with applicable laws and regulations or standards
• Conducting thorough Risk Assessment and Threat Modelling exercises for various clients
• Managing feedback and plans from audits for multiple clients
• Identifying major risk factors for IT Governance and developing and coordinating the implementation of strategies to reduce/remediate process, operational, regulatory and compliance risks
• Providing support and oversight to Company’s various IT /IS audit projects and testing initiatives, including audits of its internal controls
• Ensuring that the appropriate IT controls are considered throughout new system implementation projects and reviewing documentation for new IT processes that impact compliance, as required
• Deliver security services such as GRC Audit and Implementation services to clients. The services include technical security assessments of applications and infrastructure, security design reviews as well as risk assessments.
• Perform application and infrastructure Cyber Security Assessments, as well as physical security review and social engineering tests for our global clients
• Review and define requirements for information security products implementation.
• Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
• Standard Includes (ISO 27001, ISO 22301, SAMA Frame Work, SOC2) ETC.
Monitors and maintains the computer systems and networks of CRI Group. Installs and configures computer systems, diagnose hardware/software faults, maintain
and update company website and solve technical problems. Responsible to bring the
organization’s information security risks under explicit management control through the
Information Security Management System.
Responsibilities:
Installing and configuring all hardware & computer systems.
Maintenance and providing assistance for Website Management.
Designing and Programming software/databases for CRI Group.
Monitoring, maintaining & Troubleshooting' system and network problems and
diagnosing and solving hardware/software faults.
Finding solutions to problems through effective & updated relevant knowledge.
Replacing/Assembling computers or parts as required.
Providing support, including procedural, documentation.
Running network applications to support systems and users.
Maintenance of Server along with logs related to server room activities.
Tagging/coding & inventory management of all the IT related equipment & machinery.
Maintaining of logs of complaints and power cables.
Centralized system for printers, scanners & shredder.
Maintenance of access card data base & report generation.
Maintenance of DVR.
Implementation of all ISMS policies & procedures.
Information security matters such as routine security activities plus emerging security
risks and control technologies.
Leading suitable information security awareness, training and educational activities and
IT disaster recovery planning.
Supervising & Monitoring subordinates’ performance and activity, if applicable.
Responsibilities and duties of the position holder can be modified according to the needs
and requirements of the Company and work.
Following current and prospective ISO Standards, policies and procedures.
Carrying out any other task and assignment given by the management
Monitors and maintains the computer systems and networks of CRI Group. Installs and configures computer systems, diagnose hardware/software faults, maintain
and update company website and solve technical problems. Responsible to bring the
organization’s information security risks under explicit management control through the
Information Security Management System.
Responsibilities:
Installing and configuring all hardware & computer systems.
Maintenance and providing assistance for Website Management.
Designing and Programming software/databases for CRI Group.
Monitoring, maintaining & Troubleshooting' system and network problems and
diagnosing and solving hardware/software faults.
Finding solutions to problems through effective & updated relevant knowledge.
Replacing/Assembling computers or parts as required.
Providing support, including procedural, documentation.
Running network applications to support systems and users.
Maintenance of Server along with logs related to server room activities.
Tagging/coding & inventory management of all the IT related equipment & machinery.
Maintaining of logs of complaints and power cables.
Centralized system for printers, scanners & shredder.
Maintenance of access card data base & report generation.
Maintenance of DVR.
Implementation of all ISMS policies & procedures.
Information security matters such as routine security activities plus emerging security
risks and control technologies.
Leading suitable information security awareness, training and educational activities and
IT disaster recovery planning.
Supervising & Monitoring subordinates’ performance and activity, if applicable.
Responsibilities and duties of the position holder can be modified according to the needs
and requirements of the Company and work.
Following current and prospective ISO Standards, policies and procedures.
Carrying out any other task and assignment given by the management
Computer Engineer
Pre-Engineering
