Manager – IT & Infrastructure

MS Computer Science or MS IT or MCS from HEC recognized university with at least 4 years of relevant experience

Or

BS or BCS with at least 7 years of relevant experience.

Candidate having CISA certification shall have added advantage

• MS Computer Science or MS IT or MCS from HEC recognized university with at least 4 years of relevant experience
• Or BS or BCS with at least 7 years of relevant experience.
• CISA certification shall have added advantage

• Participate in the development of annual internal audit plan for Chief Internal Auditor and Audit Committee’s review and approval.
• Provide support in developing internal audit and assurance assignments related to Information Technology systems and infrastructure.
• Facilitate the GM IT Audit and Technical Operations in implementing IT audit framework, standard templates and checklists in context of approved audit plan across the entire organization.
• Provide the business and IT management with guidance on IT risk management matters, particularly on applications and infrastructure security.
• Provide support in developing and maintaining IT Risk Assessment at company level, while identifying areas where business units should consider additional investment.
• Manage audits team in conducting IT audits covering system applications and IT processes. Prepare the audit results for senior executives and Audit Committee.
• Manage IT security audits (networks, operating system, and data center), including evaluation of security vulnerabilities. Coordinate the scope and performance of these reviews with business units and external security experts.
• Assist GM IT Audit and Technical Operations in preparation of presentations for the Audit Committee to discuss internal audit reports and projections.
• Conduct review of IT management policies and procedures such as change management, business continuity planning / disaster recovery and information security for the senior management to ensure that controls surrounding these processes are adequate.
• Develop a detailed understanding of the activity under audit, including IT risks and controls and develop IT audit work programs accordingly.
• Assess IT risks and internal control weaknesses and advise IT and business auditees the best practices with respect to their processes.
• The individual shall ensure compliance to the Enterprise Risk Management Framework enforced in the Company while performing job responsibilities in accordance with his assigned role.
• The individual shall ensure compliance to the Business Principles and Ethics Policy / Code of Conduct.
• Undertake any other assignment as instructed by senior management.
• Identify risks in internal audit observations and communicate to concerned levels of management for risk management.

Copyright (c) 2018-2025 Sui Southern Gas Company Limited. All Rights Reserved.