Head, IT Audit & Compliance at Westfield Consulting

Job Purpose

• We are seeking an experienced and strategic Head, IT Audit & Compliance to lead the organization’s IT audit, risk management, and regulatory compliance functions.
• The ideal candidate will be responsible for ensuring robust internal controls, safeguarding information systems, and aligning technology operations with global compliance standards and best practices.

Key Responsibilities

• Lead the design and execution of IT audit and compliance frameworks across the organization
• Oversee IT General Controls (ITGCs), risk assessments, and internal audit processes
• Ensure compliance with regulatory standards, data privacy laws, and industry frameworks
• Drive implementation of security standards across mobile, cloud, and enterprise systems
• Monitor adherence to DevSecOps and SDLC compliance requirements
• Provide advisory support to management on IT risk, governance, and control improvements
• Manage relationships with external auditors, regulators, and internal stakeholders
• Develop and lead a high-performing IT audit and compliance team

Key Requirements

• A bachelor’s degree in a relevant field such as Information Technology / Computer Science, Management Information Systems (MIS), Cybersecurity / Information Assurance Essential, Accounting or Finance (for audit-focused roles), Computer/Software Engineering
• 8–12 years’ experience in IT audit, risk management, or cybersecurity
• At least 3–5 years in a leadership or managerial role
• Proven experience auditing mobile applications or SaaS platforms is a strong advantage
• A master’s degree is strongly preferred (MBA, MSc in Cybersecurity, Computer Science, Risk Management, or related fields)
• Professional Certifications like, CISA, CIA, CISSP, CRISC, CISM etc

Key Knowledge & Competencies

• Strong understanding of mobile application security (OWASP standards)
• Familiarity with app store compliance requirements (Apple App Store & Google Play)
• Knowledge of global data privacy regulations (e.g., GDPR and related frameworks)
• Experience with SOC 1 / SOC 2 audit frameworks
• Hands-on knowledge of cloud platforms (AWS, Azure, GCP) auditing
• Strong grasp of IT governance, risk management, and compliance practices.