Manager jobs in Mexico

The Technology & Cyber Security Audit Manager leads and executes audits within the technology and cybersecurity domains, specifically for a fully cloud-agnostic environment with advanced cyber defence and DevOps capabilities. This role ensures compliance with regulatory requirements and internal standards by reviewing technology and information security governance, architectures, processes, third-party relationships, and infrastructures.

Key Responsibilities

1. Audit Planning and Execution: Plan, schedule, execute, and monitor audits within assigned domains, ensuring alignment with approved audit plans and timelines. Conduct audit work in accordance with internal audit standards, regulatory requirements, and international frameworks such as ISO, PCI DSS, NESA, SWIFT-CSP, SOC2, and CCSS.
2. Audit Reporting and Monitoring: Produce comprehensive audit reports detailing findings, associated risks, and actionable recommendations. Monitor and follow up on the closure of previously raised audit findings to ensure timely resolution. Provide regular updates to the Head of Technology & Cybersecurity Audit, department heads, and other relevant stakeholders on audit progress and corrective measures.
3. Continuous Auditing and Ad-hoc Reviews: Support other business audits by performing data extraction and analytics. Facilitate continuous auditing by implementing innovative data-driven methodologies. Participate in investigations, special reviews, or other related assignments as directed by the Head of Technology & Cybersecurity Audit and Chief Audit Executive.
4. Audit Methodology and Process Improvement: Continuously refine audit methodologies, tools, and processes to enhance the efficiency and effectiveness of audit activities. Ensure alignment of audit practices with emerging technologies, trends, and industry best practices.
5. Collaboration and Stakeholder Management: Maintain effective working relationships with business units and key stakeholders to foster cooperation and alignment. Act as the subject matter expert for technology and data analytics requirements within the Internal Audit Department. Periodically review information technology and security architectures to ensure compliance with internal policies and regulatory standards.
6. Vendor Risk Management and Business Continuity: Periodically assess contracts and service level agreements (SLAs) with third-party service providers to ensure adherence to agreed-upon terms. Coordinate with outsourced staff to ensure quality and consistency in audit assignments. Review the effectiveness of Business Continuity Planning (BCP) and Disaster Recovery (DR) processes, identifying areas for improvement and compliance gaps.

Key Skills

1. Expertise in core technology infrastructure, network, and security operations.
2. Familiarity with emerging technologies and trends in cybersecurity, cloud environments, and software development practices, including DevOps and CI/CD pipelines.
3. Strong understanding of technology platforms, risk management, and control frameworks to ensure comprehensive evaluation and compliance.
4. Proficient in auditing smart contracts, decentralized applications (dApps), and blockchain infrastructure and integrations.
5. Knowledge of blockchain, distributed ledger technologies, and industry standards and best practices for digital assets.
6. Familiarity with containerization and virtualization technologies (e.g., Docker, Kubernetes, VMware).
7. Solid understanding of operating system platforms (e.g., Windows, Linux, Unix) and database management systems (SQL Server, Oracle, MongoDB, etc).
8. In-depth knowledge of various banking applications and their integration with delivery channels for seamless and secure operations.
9. Analytical skills to assess technical designs and architectures, identify vulnerabilities, and propose effective mitigations.
10. Proficiency in cloud computing and understanding of security standards specific to cloud environments (e.g., SaaS, PaaS, IaaS).
11. Experience in security testing, including firewalls, security architectures, and OWASP guidelines.
12. Hands-on experience with audit management software and tools to streamline audit processes.
13. Strong scripting knowledge (e.g., Python, Perl) to support automation and data analysis initiatives.
14. Proficient in data analytical skills, including the ability to write and execute SQL queries for data extraction, manipulation, and analysis.

Required Qualifications & Experience

1. 5-10 years of experience in Information Technology, IT Audit, or Cyber Security is a must, preferably within the financial sector in the Middle East.
2. A Bachelor's or Master's degree, preferably in Computer Science or Information Systems, is required.
3. Professional Certifications: Having one or more of below certifications: CISA, CISSP, COBIT/ITIL, PCI DSS / ISO 27001, CCSK/CCSP, GSEC/ CGIH, CDPSE/CIPM.