Senior Lead, IT Audit

Are you a strategic thinker with a knack for technology and a keen eye for detail? As our IT Audit Manager, you will report directly to the Head of Internal Audit and play a pivotal role in providing assurance to our organization’s IT controls and security management processes. This is your opportunity to lead comprehensive audits, drive improvements, and influence key decisions that protect our key systems and enhance our operational integrity. If you’re ready to take charge of a critical function and make a lasting impact, we invite you to join our team and help shape the future of our IT audit practices.

Job Scope:

• Plan, develop and maintain IT audit programs/tests with risk-based audit methodologies, leveraging on data science and automation.

• Execute IT audits, regulatory compliance assessment and IT risk assessment, in areas covering IT general controls, application controls, business cycle and IT security review.

• Able to evaluate IT internal controls and identify opportunities for controls improvement.

• Identify deficiencies and provide practical recommendations to remediate and address identified risks. Ability to translate technical issues into business issues.

• Prioritize findings and recommendations and facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated appropriately.

• Provide clear and organized documentation of the audit processes and findings

• Present audit findings at closing meetings as well as draft the final audit report for issuance, and present to the Audit Committee (where required). Conduct the required follow-ups to ensure timely and appropriate mitigations or remediations.

• Provide support to fellow business auditors as part of integrated audit team for selected audits. Areas that you may support include e.g., application review, validation of workflow and control configuration, access rights governance and data analytics etc.

• You will also be involved in selected advisory engagements to support the business e.g., special reviews, enterprise risk management initiatives, implementation of new processes or tools.

Requirements:

• Relevant degree in Computer Science, Information Systems or its equivalent from a reputable education institute. Dual qualifications of IT and Accountancy is a plus.

• Professional qualifications (CISA, CISSP, PCI DSS) is highly preferred.

• Good understanding of ISAE 3402/3000, SSAE 3402/3000, SOC 1 and SOC 2, COSO, COBIT, ISO/IEC 27000, ISO 31000 or equivalent standards

• Strong at IT audits covering IT General Controls, IT Application Controls and Security Controls, IT Infrastructure & Network and Cybersecurity. Knowledge and experience on Financial, Compliance and Operational audits will be highly favourable.

• At least 5 years of IT audit or IT risk management work experience, preferably with IT internal audit experience with a Big 4 or leading IT audits in a multi-national company.

• Experienced in reviewing technology domains across infrastructure, applications, cyber security, cloud technology, governance processes, IT project management and horizontal IT processes.

• Demonstrates ability to plan, scope and execute IT Audits independently with minimal guidance.

• Experienced in managing outsourced internal auditors.

• Strong interpersonal and communication skills, with ability to engage and network with stakeholders at different levels.

• Strong conceptual, analytical and problem-solving skills

• Self-motivated, independent in thought process and yet displays strong team orientation. You must be comfortable performing as a sole contributor or teammate, with extensive opportunities for coaching and leadership across the team and organization.

We regret that only shortlisted candidates will be notified.