Assistant Manager - IT Audit

As a member of the IT audit team, assisting the Manager / Senior / Head of Group Internal Audit Department (GIAD) in the following areas:

Plan, lead and execute audit assignments in accordance with the annual audit plan, covering areas such as IT governance, information security, cybersecurity, IT operations & infrastructure, application controls, compliance review, IT projects, emerging technologies and system related investigation, as well as any other audit work undertaken by GIAD.

Review and evaluate the adequacy and effectiveness of IT controls, risk management processes, and governance practices to provide assurance to the Audit Committee, Board of Directors and Senior Management on the integrity and reliability of the Group’s IT control environment.

Assess compliance with internal policies, regulatory requirements and professional standards (e.g. ISO 27001, NIST, COBIT).

Identify and report control weaknesses, root causes, potential risks and recommend value adding improvements.

Review the team’s audit work to ensure assignments follow the audit plan and working papers are properly reviewed and documented.

Prepare and present audit findings and recommendations to management and monitor follow-up actions to ensure timely and effective remediation.

Prepare activity reports to the Audit Committee during quarterly / periodic Audit Committee meetings.

Contribute to the overall achievement of audit team KPIs and department goals.

Assist in coaching and on-the-job training to enhance IT audit capabilities within the team, including staff appraisals and staff management, where required.

Support continuous improvement of audit methodologies and use of data analytics to enhance assurance coverage and efficiency.

Perform any other duties as assigned by the HOD as and when necessary.

Bachelor’s Degree in Information Technology, Computer Science, Information Systems or equivalent.

Professional certification such as CISA, CISM, CISSP, ISO27001 LA or equivalent will be added advantage.

Minimum 3-4 years of relevant experience in IT audit, IT risk management or cybersecurity, preferably in a public listed company or professional services firm.

Strong understanding of IT governance & controls, cybersecurity and emerging technologies (cloud computing, AI, automation).

Familiarity with control frameworks and standards such as COBIT, ISO 27001, NIST.

Excellent interpersonal & communication, analytical and report-writing skills.

Able to work independently and collaboratively in a fast-paced and dynamic environment.