Plan & implement risk-based IT audit programs. This includes ensuring IT audits are performed properly and in accordance with SOX / professional standards.
Perform IT audit, regulatory compliance assessment, and IT risk assessment, in areas covering IT general controls (ITGC), application controls, business cycle, and IT security review
Identify and evaluate complex technology and business risks and internal controls which mitigate risks, and related opportunities for internal control improvement
Proactively engaging in all high-risk incidents. Preparing IT Audit written reports covering the audit findings (control issue/ gap) and proposing corrective action plans to the management.
Perform effective communication with stakeholders to ensure the audit operates smoothly
May lead audit and incident management projects simultaneously
3-5 years of experience in auditing IT environments in banking / financial companies / public accounting firms
Earned one of the following certificates - CISA, CISSP, CISM or other relevant certifications in the IT or cybersecurity domain
Strong knowledge and experience in delivering ISO 27001 / 27701 audits, ITGC, ITAC, and SOX testing
Excellent interpersonal & communication skills both oral and written
Analytical thinker with strong conceptual and problem-solving skills with the willingness to learn new technology
Meticulous attention to detail with the ability to multitask
