Job Descriptions:
- Plan, develop and maintain IT audit programs/tests with risk-based audit methodologies, leveraging on data science and automation.
- Execute IT audits, regulatory compliance assessments and IT risk assessments, in areas covering IT general controls, application controls, business cycle and IT security review.
- Identify deficiencies and provide practical recommendations to remediate and address identified risks.
- Present audit findings and conduct the required follow-ups to ensure timely and appropriate mitigations or remediations.
- Provide support to fellow business auditors as part of integrated audit team for selected audits. By reviewing application, validation of workflow and control configuration, access rights governance and data analytics etc.
- Involved in selected advisory engagements to support the business e.g., special reviews, enterprise risk management initiatives, implementation of new processes or tools.
Job Requirements:
- Degree in Computer Science, Information Systems or its equivalent
- Professional qualifications (CISA, CISSP, PCI DSS) is an advantage
- Good understanding of ISAE 3402/3000, SSAE 3402/3000, SOC 1 and SOC 2, COSO, COBIT, ISO/IEC 27000, ISO 31000 or equivalent standards
- Strong at IT audits covering IT General Controls, IT Application Controls and Security Controls, IT Infrastructure & Network and Cybersecurity. Knowledge and experience on Financial, Compliance and Operational audits will be highly favourable.
- At least 5 years of IT audit or IT risk management work experience, preferably with IT internal audit experience with a Big 4 or leading IT audits in a multi-national company.
- Experienced in reviewing technology domains across infrastructure, applications, cyber security, cloud technology, governance processes, IT project management and horizontal IT processes.
Interested candidates, please send your updated resume to [email protected]