Assistant Manager Cyber Assurance And IT Audit Technology Risk

We’re a large and growing professional services firm that still feels like a community. With over 76,000 professionals in more than 150 countries, we combine global scale with local expertise to help dynamic organizations unlock their potential for growth. We truly care about our colleagues, our clients, and the communities where we work and live.

As an Assistant Manager, you’ll empower the team, deliver excellence, lead the way in shaping strategies and exceeding client expectations, and make a meaningful impact. Discover your purple and join our Business Risk Services Team today! 

Let us paint a picture for you

Imagine being part of a team that puts “we before me”, where flexibility is a mindset, and where you trust your colleagues to have your back.

Imagine working for an organization that believes in the power of authenticity in everything that we do. Whether youre steering discussions in a client meeting, tackling your fear of heights at the top of the Burj Khalifa or ziplining across Jebel Jais – bring your true self to work. Be a part of a team driven by a purpose of shaping the world that we live in, based on trust and integrity in markets, dynamic businesses, and communities where businesses and people thrive.

Join us to expand your horizons, be inspired, face challenges, and most importantly, be yourself.

About the Business Risk Services Line

Discover tailored risk solutions with our BRS team. From proactive risk detection to optimizing internal controls, we empower your organization with strategies that drive efficiency and safeguard against threats. With a focus on transparency and collaboration, we build robust audit frameworks that ensure resilience and foster growth in an ever-changing business landscape. 

As an Assistant Manager some of your responsibilities will include:

• Leading and managing end‑to‑end IT audit and technology risk engagements for public sector, government‑related entities, and large private sector clients across the UAE, ensuring delivery in line with Grant Thornton UAE methodologies, quality standards, and timelines
• Overseeing the evaluation of IT General Controls (ITGCs), Lead & execute ERP application controls (Oracle, SAP, Microsoft Dynamics), cloud environments, and data protection requirements, including UAE data regulations, GDPR (where applicable), and business continuity arrangements aligned to ISO 22301 and NCEMA
• Planning, coordinating, and executing risk‑based audit approaches, translating complex IT and business application landscapes into practical testing strategies supporting ICFR/SOX, internal audit, and regulatory assurance engagements
• Managing engagement teams, including task allocation, coaching, on‑the‑job training, and review of workpapers and deliverables to ensure technical quality and consistency
• Acting as a key participant in client and audit committee–facing discussions, presenting scope, observations, risk implications, and remediation actions; oversee the preparation of clear, defensible audit reports and monitor closure of agreed management actions
• Leading third‑party risk management (TPRM) reviews, including assessment of vendor contracts for governance, cybersecurity, data privacy, BCP/DR (ISO 22301), audit rights, performance obligations, and regulatory alignment within the UAE context
• Building and sustaining trusted client relationships, serving as a primary GT UAE point of contact for IT, Finance, Risk, and Internal Audit stakeholders
• Providing pragmatic insights and guidance on technology and cyber risk trends impacting UAE organizations, including cloud adoption, ERP transformations, AI initiatives, and operational resilience
• Contributing to business development and practice growth, including proposal preparation, commercial scoping, client presentations, and development of GT UAE thought leadership and internal methodologies
• Collaborating with broader GT UAE service lines (Internal Audit, Cybersecurity, Enterprise Risk, Data & Analytics) to deliver integrated, value‑driven assurance and advisory outcomes

• 7+ years of related work experience in Technology Risk, IT Audit, ICFR, SOX, or ERP assurance engagements
• Bachelor’s or Master’s degree in Information Systems or Technology, Computer Science, Engineering, or a related discipline
• Professional certifications such as CISA, CISM, CISSP, ISO 27001 (Any 2)
• ERP platform certifications or hands‑on experience in Oracle ERP / Oracle Fusion, SAP (Preferred)
• Prior experience delivering ICFR / ITGC / SOX‑style controls, technology risk, or assurance engagements within UAE or GCC organizations
• Working knowledge of UAE and regional regulatory frameworks, such as: UAE Internal Audit Standards, IA 2025 Controls, ISO 27001, NESA, NCEMA, ADGM FSRA, DIFC, or sector‑specific regulations (government, financial services, energy)
• Familiarity with outsourced IT environments, managed service providers, and third‑party risk considerations common in the region
• Strong stakeholder management skills, with experience interacting with senior management, internal audit, compliance, and IT leadership
• Arabic language skills are an advantage (spoken and/or written), but not mandatory
• Ability to work in onsite client environments and meet UAE client delivery and security clearance requirements
• Having the ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
• Having the ability to document testing in a highly detailed and exacting manner
• Ability to supervise staff members and word on multiple projects simultaneously
• Experience of preparing and delivering presentations