Location: Riyadh, KSA
Reporting to: CEO
Our client is a rapidly growing fintech company empowering financial institutions and digital innovators across the MENA region.
Through cutting-edge Open Finance infrastructure, the company aims to enable seamless financial connectivity, inclusion, and continuous innovation across the ecosystem.
We are now supporting our client in their search for an Internal Auditor - a strategic role focused on strengthening internal controls, governance, and risk management, particularly in the areas of cybersecurity, technology, and data protection.
Role Overview
The Internal Auditor will be responsible for evaluating, improving, and maintaining the companys internal control framework and compliance posture.
Working closely with teams across security, engineering, product, compliance, and operations, the role ensures adherence to global standards and regulatory frameworks such as SAMA CSF, ISO 27001, SOC 2, and NIST CSF.
Key Responsibilities
- Plan, execute, and report on internal audits across operational, financial, and compliance areas, with emphasis on IT governance, cybersecurity, and information security controls.
- Assess the design and effectiveness of internal controls related to applications, infrastructure, data protection, and identity access management.
- Identify process inefficiencies and control gaps, providing actionable recommendations to enhance governance and risk mitigation.
- Monitor compliance with internal policies and external standards, collaborating with relevant departments to ensure continuous improvement.
- Review the implementation of policies, procedures, and incident response frameworks, including third-party risk management and vulnerability management.
- Support audit readiness for external certifications and validate remediation of audit findings.
- Prepare and present audit reports to senior management, providing clear and objective insights.
- Contribute to the enhancement of the overall audit methodology and risk assessment approach.
- Conduct follow-up audits and investigations when necessary.
Cybersecurity & Compliance Responsibilities
- Safeguard the confidentiality, integrity, and availability of sensitive and financial data.
- Follow secure data-handling practices throughout audit activities.
- Identify and report cybersecurity risks or control weaknesses to relevant teams.
- Stay informed on regulatory and data privacy requirements related to financial data.
- Participate in mandatory cybersecurity awareness programs and apply secure practices consistently.
- Collaborate effectively with IT and Cybersecurity teams to ensure audit processes do not disrupt system security.
Qualifications:
- Minimum 3 years of experience in an internal audit role within a financial institution or SAMA-regulated company (preferred).
- Solid understanding of risk management, control frameworks, and compliance standards.
- Familiarity with SAMA CSF, ISO 27001, SOC 2, and NIST CSF frameworks.
- Ability to work autonomously in a fast-paced, tech-driven environment.