What Jobs are available for Compliance Audit in Bahrain?

ROLES AND RESPONSIBILITIES:

• Lead and manage internal audit engagements across multiple verticals including operational, financial, regulatory, compliance, IT, fraud risk management, IFC testing, SOP designing and reviewing, and enterprise risk management.
• Develop and execute risk-based internal audit plans, frameworks, and methodologies aligned with industry standards, client objectives, and regulatory requirements, particularly within the BFSI sector.
• Conduct assessments of governance structures, risk management processes, and internal control frameworks, ensuring alignment with BFSI and non-BFSI industry practices.
• Identify process gaps, control deficiencies, and compliance risks, and provide practical, value-added recommendations for improvement.
• Prepare and present clear, concise, and actionable audit reports to senior management and client leadership.
• Act as the Single Point of Contact (SPOC) for client engagements, audit committee meetings, board level presentations, ensuring service delivery, issue resolution, and relationship management.
• Provide direction to the IT team for digital workflows, plan, allocate, and review work of the audit team, ensuring quality, timeliness, and compliance with professional standards.
• Mentor, coach, and contribute to the professional growth and performance development of team members.
• Drive knowledge sharing within the team, fostering awareness of emerging risks, BFSI-specific regulatory updates, and audit best practices.
• Close out audit assignments independently with minimal supervision, ensuring deliverables are met to the highest standards.
• Stay updated with emerging risks, regulatory developments, and statutory changes relevant to BFSI and other industries.

DESIRED PROFILE

• Professional certification: CA, CPA, ACCA or equivalent professional qualification. CIA & CISA will be an added advantage.
• Experience: 3-5 years of relevant experience in internal audit, risk consulting within a consulting/audit firm. Strong knowledge of internal audit frameworks and BFSI regulatory requirements.
• Core Competencies: Demonstrated ability to manage multiple engagements and client portfolios independently. Excellent leadership, stakeholder management, and communication skills.

Job Type: Full-time

Pay: BD1, BD1, per month

Application Question(s):

• Can you independently manage an internal audit assignment from planning to presentation to an audit committee, while managing a team?

Experience:

• internal audit: 3 years (Preferred)

License/Certification:

• CA or CPA qualification (Required)
• CIA qualification (Preferred)
• CISA qualification (Preferred)

Lead and manage audits across financial, operational, compliance, IT, and risk areas. Develop audit plans, assess governance and controls, identify gaps, and recommend improvements. Act as SPOC for clients, deliver reports,and mentor teams.

Health insurance

Provident fund

Office cab/shuttle

Business Unit

stc Bahrain

Sector

INTERNAL AUDIT

Location

Bahrain - Manama

Contract Type

Full Time

Closing Date

17-Sep-2025

Job Specifications:

• Engage actively in end-to-end IT audit engagements, including planning, scoping, and execution of risk-based technology audits across IT infrastructure, core networks, applications, cybersecurity, data governance, and emerging technologies.
• Drive end-to-end technology audit cycle , ensuring effective risk assessment, control evaluation, and delivering clear, actionable insights to senior management.
• Develop compliance models and business improvement plans and programs with process owners around Technology domains i.e., IT & Core Network Infrastructure , Cybersecurity , Applications & Business Systems, Data & Governance, Continuity & Resilience and oversee the implementation.
• Provide direction and oversight in applying Risk & Audit Frameworks such as ISO 27001, NIST CSF, COBIT 2019, ITIL v4, PCI DSS, CSA Cloud Controls Matrix, Bahrain PDPL, and other internal audit standards.
• Prepare documents and presents audit findings in a clear and structured format, ensuring reports are concise, actionable, and tailored for senior management and board-level audiences.
• Translate complex technical findings (e.g., red/blue team results, misconfigurations, VAPTs) and high-risk audit outcomes into executive-ready assurance insights and practical remediation roadmaps.
• Collaborate with Technology and Business leaders to discuss and align audit recommendations.
• Act as a trusted advisor to senior management, presenting clear risk analysis, remediation strategies, and recommendations for strengthening the overall technology control environment.

Qualification & Experience:

• Bachelor's degree in Computer Science/Management Information Systems from a recognized university
• 8–10 years of overall audit experience around Technology Audit with 3 -5 yrs of supervisory experience
• Mandatory Professional Certification: CISA
• Preferred/Value-Add Professional Certifications: CISM, CISSP, CRISC, ISO 27001 Lead Auditor, CDPSE/CIPM (IAPP), Cloud Security (AWS/Azure/GCP)
• Additional exposure to penetration testing, threat-hunting, and digital forensics is an advantage.

Role Impact:

• The Technology Internal Audit Lead role plays a critical part in ensuring the integrity, security, and efficiency of our organization's technological infrastructure.
• By assessing risks and evaluating the effectiveness of technology controls, this position helps safeguard company assets and enhances operational efficiency.
• The insights provided by the Technology Internal Audit Lead contribute to strategic decision-making, ensuring compliance with industry standards and regulations.
• Furthermore, this role supports the continuous improvement of technology processes and systems, promoting a culture of risk awareness and proactive problem-solving within the organization.

Key Job Competencies:

• Technical Proficiency: Deep understanding of IT systems, networks, and infrastructure, including cybersecurity principles and practices.
• Analytical Skills: Ability to analyze complex data sets and draw meaningful conclusions to identify potential risks and areas for improvement.
• Communication Skills: Strong verbal and written communication abilities to effectively convey audit findings to stakeholders at all levels.
• Problem-Solving: Capability to develop innovative solutions to address identified issues and enhance technology controls.
• Attention to Detail: Meticulous approach to evaluating systems and processes to ensure thoroughness and accuracy in audit assessments.
• Regulatory Knowledge: Familiarity with relevant laws, regulations, and standards related to technology and cybersecurity audits.

About Application Process

If you meet the criteria and you are enthusiastic about the role, we would welcome your application.

Job Specifications:

• Engage actively in end-to-end IT audit engagements, including planning, scoping, and execution of risk-based technology audits across IT infrastructure, core networks, applications, cybersecurity, data governance, and emerging technologies.
• Drive end-to-end technology audit cycle , ensuring effective risk assessment, control evaluation, and delivering clear, actionable insights to senior management.
• Develop compliance models and business improvement plans and programs with process owners around Technology domains i.e., IT & Core Network Infrastructure , Cybersecurity , Applications & Business Systems, Data & Governance, Continuity & Resilience and oversee the implementation.
• Provide direction and oversight in applying Risk & Audit Frameworks such as ISO 27001, NIST CSF, COBIT 2019, ITIL v4, PCI DSS, CSA Cloud Controls Matrix, Bahrain PDPL, and other internal audit standards.
• Prepare documents and presents audit findings in a clear and structured format, ensuring reports are concise, actionable, and tailored for senior management and board-level audiences.
• Translate complex technical findings (e.g., red/blue team results, misconfigurations, VAPTs) and high-risk audit outcomes into executive-ready assurance insights and practical remediation roadmaps.
• Collaborate with Technology and Business leaders to discuss and align audit recommendations.
• Act as a trusted advisor to senior management, presenting clear risk analysis, remediation strategies, and recommendations for strengthening the overall technology control environment.

Qualification & Experience:

• Bachelor's degree in Computer Science/Management Information Systems from a recognized university
• 8–10 years of overall audit experience around Technology Audit with 3 -5 yrs of supervisory experience
• Mandatory Professional Certification: CISA
• Preferred/Value-Add Professional Certifications: CISM, CISSP, CRISC, ISO 27001 Lead Auditor, CDPSE/CIPM (IAPP), Cloud Security (AWS/Azure/GCP)
• Additional exposure to penetration testing, threat-hunting, and digital forensics is an advantage.

Role Impact:

• The Technology Internal Audit Lead role plays a critical part in ensuring the integrity, security, and efficiency of our organization's technological infrastructure.
• By assessing risks and evaluating the effectiveness of technology controls, this position helps safeguard company assets and enhances operational efficiency.
• The insights provided by the Technology Internal Audit Lead contribute to strategic decision-making, ensuring compliance with industry standards and regulations.
• Furthermore, this role supports the continuous improvement of technology processes and systems, promoting a culture of risk awareness and proactive problem-solving within the organization.

Key Job Competencies:

• Technical Proficiency
  : Deep understanding of IT systems, networks, and infrastructure, including cybersecurity principles and practices.
• Analytical Skills
  : Ability to analyze complex data sets and draw meaningful conclusions to identify potential risks and areas for improvement.
• Communication Skills
  : Strong verbal and written communication abilities to effectively convey audit findings to stakeholders at all levels.
• Problem-Solving
  : Capability to develop innovative solutions to address identified issues and enhance technology controls.
• Attention to Detail
  : Meticulous approach to evaluating systems and processes to ensure thoroughness and accuracy in audit assessments.
• Regulatory Knowledge
  : Familiarity with relevant laws, regulations, and standards related to technology and cybersecurity audits.

The Grant Thornton team continues to grow its market presence across Bahrain, supporting dynamic clients to unlock value through the diverse services which we offer. In response to our continued growth, we are now looking to expand our Business Risk Services team, for which we are seeking an Auditor.

Candidates must exhibit high standards of professional and social ethics and must accept full responsibility as the in-charge accountant for audit engagements of varying size and complexity to include, planning and coordinating the various phases of the field work, directing and reviewing the work of a number of assistants, and making decision on all but the most unusual accounting and auditing matters.

Scope Of Responsibilities

• Performs and supervises audits assigned to them. This includes planning, coordinating and directing audits of considerable scope and complexity. Performs related work as required.
• Any other responsibility that Managers / Director/Partners may define in due course of operations.

Primary Duties

• Support in performing risk assessments and develop internal audit plan for internal audit clients
• Plans and performs detailed audit fieldwork in accordance with approved internal audit process covering audit scope, program, resources and audit techniques and documents results of detailed audit field work conducted:
• Analyses and assesses audit risks and findings, ensures adequacy of underlying evidences and working paper files obtained, develops appropriate and practical recommendations and discusses with the Team Leader and the auditee divisions.
• Prepares Internal Audit Reports summarizing audit field work conducted, audit risks and issues reported, recommendations.
• Trains and leads junior auditors and their development.
• Working knowledge of business processes, key risks and controls in the diverse industries
• Actively develop and maintain positive relationships with the clients to enhance the reputation of the internal audit activities
• Deliver all engagements in complete, accurate and timely manner.

Supervisory Responsibility

• Strong client relations and ability to perform new jobs.
• Recognize and evaluate the materiality and significance of internal audit issues and recommend appropriate means for obtaining compliance.
• Ability to gain cooperation of clients in completing the audit and in implementing the recommendations contained in the audit report.
• Have responsibility and enjoy the challenges of various industries.

Competencies/Knowledge, Skills And Abilities

• With Strong communication skills (Speaking and Writing) and Client focus.
• Ability to meet client deadlines.
• Ability to withstanding work pressure.
• Result-driven.

Qualifications

• 1 to 3 years post qualification experience (CIA/CA/ACCA/CPA).
• Strong knowledge of Risk Based Internal Audits and IIA standards.
• Candidates based in Bahrain are encouraged to apply.
• Competent Arabic & English language skills are mandatory.

• Developing and implementing comprehensive risk management frameworks and policies.
• Conducting thorough risk assessments for new products, services, and business initiatives.
• Monitoring and analyzing key risk indicators (KRIs) and implementing corrective actions as needed.
• Collaborating with various departments, including operations, compliance, and IT, to integrate risk management principles into daily activities.
• Preparing detailed risk reports and presentations for senior management and regulatory bodies.
• Staying up-to-date with evolving regulatory landscapes and industry best practices in risk management.
• Designing and delivering risk management training programs to employees.
• Managing the company's business continuity and disaster recovery planning.
• Investigating and reporting on risk incidents, and recommending preventative measures.
• Contributing to the continuous improvement of the risk management function.