Senior IT Audit Manager

Job description:

• Develop a thorough understanding and knowledge of company’s operations and risk universe (internal and external factors), establish effective business relationships within the company, propose innovative and systematic approaches to identify and manage IT risks to ensure internal policies and regulations are well implemented.
• Lead and manage internal audit initiatives from plan, execute and complete audit fieldworks according to established framework and schedule. Prepare comprehensive audit reports, facilitate and monitor resolution implementation.
• Develop and refine audit process, programs, questionnaires, or other tools to facilitate the identification and management of IT risks.
• Implement initiatives with relevant functions/teams to improve operational efficiency and overall internal control environment.
• Recommend internal audit process improvements to balance needs for operation efficiency and risk control
• Typical engagement domains including but not limited to: cybersecurity, data privacy, IT operation, IT governance, Sarbanes Oxley (SOX), regulatory requirements related IT audits, ad hoc on demand special projects, etc.

Education & Technical Requirements:

Bachelor degree or above

CISA and CISSP certification required; other cybersecurity related certification is a plus (e.g. CIPM, etc.)

• of common frameworks and regulatory requirements: COBIT, NIST, ISO/IEC 27001, CSA CCM, CIS controls, OWASP Top Ten, cybersecurity and data privacy related regulatory requirements in China, etc.
• programming skills for analytical works (R, C++, VBA, SQL, etc.) is a plus
• with data analytics software such as fine BI and Tableau is a plus

Work Experience & Skills:

10 years of solid IT audit, security, advisory experience 

Strong planning, organizing skills

Critical thinking and analytic skills to integrate, analyze and evaluate facts/data and to prepare and present concise oral and written reports in both English and Chinese

Ability to handle and simplify complex matters, conduct deep dive reviews and propose innovative solutions that are results driven

Proven ability to manage multiple projects, work effectively with cross-functions and drive process improvement initiatives across an organization

Be able to work autonomously and the ability to deal with ambiguity

Good team contributor and soft skills

Desire to learn & grow, high degree of responsibility and personal integrity