Conduct comprehensive risk assessments for both new and existing Information Technology systems.
Design and implement audit programs aligned with the audit scope and objectives of established frameworks such as COBIT, ISMS, and IT General Controls.
Assess the adequacy and effectiveness of IT internal controls across the organization's business processes.
Execute follow-up audits on findings identified in previous audit reports to ensure corrective actions are implemented.
Apply relevant IT standards and methodologies to enhance the effectiveness of Governance, Risk, and Compliance (GRC) processes.
Undertake additional responsibilities as assigned.
Qualifications:
Bachelor's degree or higher in Information Technology, Computer Science, Computer Engineering, Management of Information Systems, or related fields.
Minimum of 3 years of experience in IT internal auditing; experience in external auditing or with a Big 4 firm is a plus.
Professional certifications such as CISA, IRCA for Information Security, NIST Cybersecurity Framework, or CIA are advantageous.
Experience in testing IT controls, including IT Governance, Cybersecurity, ISO 27001, SDLC and Change Management, and Network Security, is preferred.
Strong understanding of IT Audit, IT Security, IT Risk, and IT Compliance.
Proficiency in SAP is required.
Excellent communication and interpersonal skills, with strong analytical capabilities, self-motivation, and a willingness to learn.
Ability to travel and work in various locations, including international assignments.
Proficient in English, both written and verbal (minimum TOEIC score of 750).
Demonstrates goal-oriented, unity-driven, adaptable, and a learning mindset.
