Senior IT & Information Security Auditor

First Abu Dhabi Bank

Job Description

This role is a key part of FAB s Group Internal Audit function, responsible for leading and participating in audits across Group Technology and Information Security. The position ensures that governance, risk management, and control frameworks within technology domains meet global standards and regulatory expectations. The role influences senior stakeholders, identifies weaknesses, drives corrective action, and supports the bank in maintaining technology resilience and compliance across UAE and international operations.

Key Responsibilities

Audit Planning & Delivery

• Lead and participate in audits covering Group Technology and Information Security across UAE and international FAB entities.
• Execute audits in line with the approved Annual Audit Plan, reporting any delays or changes promptly.
• Perform evaluations of risk identification, governance, IT controls, and process robustness across Technology and Information Security functions.
• Assess adequacy of risk management, change controls, cybersecurity protocols, data protection, IT operations, availability, and resilience.
• Verify that systems, data, and transaction processing meet required reliability, integrity, and availability standards.
• Ensure FAB s technology assets are safeguarded and resources are used effectively.

Risk Assessment & Audit Universe Management

• Maintain and update the Audit Universe for all Group Technology and Information Security units.
• Conduct periodic risk assessments of all technology process streams, identifying emerging risks and recommending enhancements.
• Promote regular self-assessment of risks and controls within business units.

Reporting & Documentation

• Review audit working papers, ensure high-quality documentation, and finalize reports within three weeks of fieldwork completion.
• Negotiate and agree on Management Action Plans with stakeholders to address audit findings.
• Prepare functional reports that meet FAB s quality, accuracy, and policy standards.

Stakeholder Management & Advisory

• Act as Audit Business Partner for Technology and Information Security leadership.
• Attend regular meetings with Line Managers to identify emerging risks and align on audit expectations.
• Provide governance, risk management, and control advisory to unit management based on best practices.
• Follow up with management to ensure timely and complete implementation of action plans.

People Leadership

• Provide guidance, mentoring, and on-the-job training to junior auditors.
• Promote a values-driven, ethical culture within the audit team.
• Lead knowledge-sharing sessions and support team development.

Policies, Systems & Continuous Improvement

• Follow all GIA policies, procedures, and practice notes in audit execution.
• Recommend improvements to GIA methodology based on industry standards and regulatory expectations.
• Drive continuous improvement in audit processes, tools, and techniques.
• Maintain audit programs in the central audit management system.

Other Responsibilities

• Support special investigations and reviews as assigned by senior audit leadership.
• Monitor department activities to ensure adherence to budget requirements.
• Maintain strong relationships with internal and external stakeholders.
• Ensure all audit issues are followed up until fully closed.

Skills Set

• IT audit and cybersecurity audit
• Risk assessment & governance
• Technology controls evaluation
• Process improvement
• Stakeholder engagement
• Report writing & root cause analysis
• Leadership & team mentoring
• Knowledge of regulatory frameworks for IT & cyber risk