Role Purpose

Zain Iraq is Actively recruiting to hire IT & Network Internal Audit Head of Unit who is responsible to Evaluate the situation of the technological service (Information systems and telecom networks) to achieve risk control and help improve its security, effectiveness, efficiency and profitability on all platforms with a focus on cybersecurity aspects, while also including specific risks related to information systems, telecommunications infrastructure, engineering, web and mobile applications, value-added products (IPTV, FTTH, etc.). Further, includes attention to perimeter reviews as Cloud, and IoT. Likewise, the role manages ESG audits with environment focus (radiation, treatment of hazardous waste, carbon footprint, etc.)

Key Accountabilities

• Understand the IT & Network environment to assess and evaluate effectiveness and efficiency of their internal controls and operating practices.

• Develop and manage a risk register for IT & Network reviews, including IT implementation and delivery, IT infrastructure, IT & Network security, Business Continuity, Cloud services, IoT, etc.

• Propose reviews of systems, technology and infrastructure areas of Internal Audit Plan based on the needs of the business and the associated risks. Organize, direct, perform and/or supervise its execution according to IPPF / GIAS standards and procedures, ensuring quality of audits meets or exceeds international standards.

• Lead and coordinate the multidisciplinary work team with OpCos. Follow the implementation of agreed and communicated remedial actions.

• Ensure planned activities, incorporate narratives, process flows, audit programs, fieldwork, etc. Prepare impactful audit reports and present their findings and recommendations, which should always be clear, concise and constructive.

• Provide regular reports of the function to local and Group management.

• Assist in IT compliance implementation projects (ISO, SOC, GDPR, etc.)

• Plan, coordinate and supervise Company's settings relating IT General Controls (ITGC) and Cybersecurity.

• Coordinate robotics (RPA) and continuous/online auditing projects to support the function, aimed at improving audit quality, reducing audit life cycle, and improving test coverage.

• Define and design the KPls for the different services under supervision. Monitoring and reporting thereof. Promote innovation activities.

• Assist IA teams in carrying out reviews.

• Ensure timely communication with CIA and relevant stakeholders relating risks, recommendations, action plans and its implementation.

Educational Qualifications and Experience

Qualifications / Experience:

• Professional graduated in Engineering I Bachelor of Information Systems I Telecommunications

• Minimum experience of 5-8 years in similar positions (preferred)

• Master / Postgraduate Degree in Cybersecurity (preferred)

• CISA and CISM certifications (preferred)

Specific Knowledge:

• Use of data analysis tools (e.g., QlikView/Sense I ACL I PowerBI I SAP BO I Microstrategy).

• ITGCs and Personal Data Protection Methodologies.

• ISO, PCI regulations, etc.

• Risk management and internal control.

• Operating systems, databases, network elements, real security monitoring tools

• Python and similar programming languages ​​(desirable)

• Elements (hardware) that make up telecommunications networks

• Knowledge of environmental policies and regulations (desirable)

Competencies

Behavioural

• Achievement Driven

• Information Seeking

• Problem Solving and Creativity

• Relationship Building

• Initiative

Technical

• Oral and Written Communication

• Managing Information

• Technology Application

• Quality, Health, Safety, Security and Environment

• Capacity Planning and Demand Management

• IT User Support

• IT Business Analysis

 DEI  Competency

• Courage to Engage

• Addressing Bias

• Allyship