IT Compliance and Audit Management Senior Analyst

• This position will be reporting to the Head of Security Compliance & Audit Management Section and will function under the Digital Assurance Unit.
• Identify, evaluate and assess internal controls to ensure regulatory compliance and operational integrity.

Job responsibilities

• Strategize and lead a team to perform digital assurance in accordance with the defined plan.
• Evaluate the design and effectiveness of IT general controls, application controls and security protocols.
• Assess the adequacy of IT risk management and governance processes.
• Conduct digital assurance of network infrastructure, databases, operating systems, cloud environments, and enterprise applications.
• Review access controls, change management procedures, and data backup/recovery systems.
• Prepare clear and concise reports, highlighting key observations, risks, and recommendations.
• Collaborate with IT teams to develop and monitor corrective action plans.

Job requirements

• Possess a Bachelor's Degree in Computer Science/Information Technology, Cybersecurity or equivalent qualification from accredited higher learning institutions.
• Professional certifications in audit such as CISA, CIA.
• 6-9 year of experience in IT compliance, IT Audit, or a related field.
• Strong understanding of IT audit methodologies and regulatory standards such as Cyber Security Act 2024, PDPA 2024, BNM CRMA, NIST, RMIT, COBIT 2019, COSO, CIS, ISO27001 and etc.
• Excellent analytical, communication and report‑writing skills.
• Familiarity with technical, cybersecurity, application concepts and cloud platforms.
• Experience with automated audit tools and data analytics. Knowledge of scripting or programming languages is a plus.
• Relevant certifications such as CISSP, CRISC, ISMS Lead Auditor, or similar are preferred.