Do you enjoy working with many stakeholders in a multi-cultural environment within global organization? Are you inquisitive, curious and self-driven? Would you like to make a difference to our company by driving security controls and cyber security area ?
If the answer is Yes then we would like to hear from you.
PURPOSE OF THE ROLE
- Review and analyse the system, processes, risk and controls from the viewpoints of compliance, operations, and financial reporting risk.
- Assess and report on Cyber Security control effectiveness in infrastructure and application level.
- Recommend and facilitate the control improvement and/or remediation.
The ideal candidate should have the work experience in IT audit and/or IT risk management consulting roles.
Candidates with up-to-date IT knowledge with the audit or control background may also fit to this role.
【Security Control Assessment】
- Perform vulnerability testing, risk analyses and security assessments.
- Carry out IS and IT risks assessment to IT controls and processes and define assessment criteria for control enhancement.
【Security Control Review & Advisory】
- Work with our internal customers and develop the understanding of the IT environment. (process, application, policies)
- Provide control advisory or recommendations for the enhancements which align with the business strategy.
【Cyber Security Advisory】
- Research and anticipate security alerts, incidents and disasters that may potentially impact our operations.
- Support management in decision making with recommendation to IT control enhancements to improve the defense to Cyberattack.
- Review IT processes based on PMI IS Chart of Controls and IPG policies and perform a gap analysis.
- Support IS team and/or business functions to implement actions plan.
【SOX Testing on IT Controls】
- Plan the testing approach on IT controls in scope for SOX, perform and document the walkthrough and the testing based on the PMI Instructions.
- Ensure that the controls are in place and operating effectively, or test the remediation's if any deficiencies.
【Collaboration with Internal or External Specialists】
- Collaborate with 3rd party specialists or consult with PMI IS or IPG and recommend on the security plan/strategy.
SKILLS & EXPERIENCE
- A minimum of two years of IT audit, IT risk management consulting, Internal Control, Audit, or similar roles
- Fluent in English
- Excellent understanding of IT risk assessment and audit procedures
- Excellent organization skills and ability to manage multiple projects and deadlines
- Energetic, highly motivated, willing to take on challenges, ability to function as a
team player or work independently
- University Degree