Assistant Manager - IT Audit

As a member of the IT audit team, assisting the Manager / Senior Manager / Head of Group Internal Audit Department (GIAD) in the following areas:-

Plan, lead and execute IT audit assignments in accordance with the annual audit plan, covering areas such as IT governance, information security, cybersecurity, IT operations & infrastructure, application controls, compliance review, IT projects, emerging technologies and system related investigation, as well as any other audit work undertaken by GIAD.

Review and evaluate the adequacy and effectiveness of IT controls, risk management processes, and governance practices to provide assurance to the Audit Committee, Board of Directors and Senior Management on the integrity and reliability of the Group’s IT control environment.

Assess compliance with internal policies, regulatory requirements and professional standards (e.g. ISO 27001, NIST, COBIT).

Identify and report control weaknesses, root causes, potential risks and recommend value adding improvements.

Review the team’s audit work to ensure assignments follow the audit plan and working papers are properly reviewed and documented.

Prepare and present audit findings and recommendations to management and monitor follow-up actions to ensure timely and effective remediation.

Prepare activity reports to the Audit Committee during quarterly / periodic Audit Committee meetings.

Contribute to the overall achievement of audit team KPIs and department goals.

Assist in coaching and on-the-job training to enhance IT audit capabilities within the team, including staff appraisals and staff management, where required.

Support continuous improvement of audit methodologies and use of data analytics to enhance assurance coverage and efficiency.

Perform any other duties as assigned by the HOD as and when necessary.

Bachelor’s Degree in Information Technology, Computer Science, Information Systems or equivalent.

Professional certification such as CISA, CISM, CISSP, ISO27001 LA or equivalent will be added advantage.

Minimum 3-4 years of relevant experience in IT audit, IT risk management or cybersecurity, preferably in a public listed company or professional services firm.

Strong understanding of IT governance & controls, cybersecurity and emerging technologies (cloud computing, AI, automation).

Familiarity with control frameworks and standards such as COBIT, ISO 27001, NIST.

Excellent interpersonal & communication, analytical and report-writing skills.

Able to work independently and collaboratively in a fast-paced and dynamic environment.

What's your expected monthly basic salary?

Established in 1974, Sunway Group is one of Malaysia’s largest conglomerates with core interests in real estate, construction, education, healthcare, retail and hospitality, with a unique build-own-operate business model. We are committed to the 17 United Nations Sustainable Development Goals and continue to align our business strategies towards mininising environmental impact, and advancing economic and social progress. With a presence in more than 50 locations primarily in the Asia region, Sunway Group comprises 13 business divisions – real estate, construction, retail, hospitality, leisure, healthcare, education, financial and investment services, trading and manufacturing, building materials, quarrying, Real Estate Investment Trust (REIT) and digital.

In all that we do, we are driven by our core values of Integrity, Humility and Excellence.