职位描述
PURPOSE OF THE JOB: Capture the essence of the whole job in one or two sentences.
- This role will be responsible for maintaining the IT internal control environment and IT audit engagement including planning, fieldwork, and closure reporting with its follow-up on the status of remediation actions. Offer automated and systematic solutions to evaluate and improve the effectiveness of IT risk management and internal controls in the organization.
JOB FUNCTIONS: List major job functions using simple task statements.
- Develop a thorough understanding and knowledge of company’s operations and risk universe (internal and external factors), establish effective business relationships within the company, propose innovative and systematic approaches to identify and manage IT risks to ensure internal policies and regulations are well implemented.
- Lead and manage internal audit initiatives from plan, execute and complete audit fieldworks according to established framework and schedule. Prepare comprehensive audit reports, facilitate and monitor resolution implementation.
- Develop and refine audit process, programs, questionnaires, or other tools to facilitate the identification and management of IT risks.
- Implement initiatives with relevant functions/teams to improve operational efficiency and overall internal control environment.
- Recommend internal audit process improvements to balance needs for operation efficiency and risk control
- Typical engagement domains including but not limited to: cybersecurity, data privacy, IT operation, IT governance, Sarbanes Oxley (SOX), regulatory requirements related IT audits, ad hoc on demand special projects, etc.
KNOWLEDGE AND SKILL REQUIRED: State formal educational level and experience required for the job. State additional professional, technical or years of experience required.
Education & Technical Requirements:
- Bachelor degree or above
- CISA and CISSP certification required; other cybersecurity related certification is a plus (e.g. CIPM, etc.)
- Knowledge of common frameworks and regulatory requirements: COBIT, NIST, ISO/IEC 27001, CSA CCM, CIS controls, OWASP Top Ten, cybersecurity and data privacy related regulatory requirements in China, etc.
- Foundation programming skills for analytical works (R, C++, VBA, SQL, etc.) is a plus
- Familiar with data analytics software such as fine BI and Tableau is a plus
Work Experience & Skills:
- 10 years of solid IT audit, security, advisory experience (Big 4, multinational consulting firms, or BAT tech companies preferred)
- Strong planning, organizing skills
- Critical thinking and analytic skills to integrate, analyze and evaluate facts/data and to prepare and present concise oral and written reports in both English and Chinese
- Ability to handle and simplify complex matters, conduct deep dive reviews and propose innovative solutions that are results driven
- Proven ability to manage multiple projects, work effectively with cross-functions and drive process improvement initiatives across an organization
- Be able to work autonomously and the ability to deal with ambiguity
- Good team contributor and soft skills
- Desire to learn & grow, high degree of responsibility and personal integrity
- This role will be responsible for maintaining the IT internal control environment and IT audit engagement including planning, fieldwork, and closure reporting with its follow-up on the status of remediation actions. Offer automated and systematic solutions to evaluate and improve the effectiveness of IT risk management and internal controls in the organization.
JOB FUNCTIONS: List major job functions using simple task statements.
- Develop a thorough understanding and knowledge of company’s operations and risk universe (internal and external factors), establish effective business relationships within the company, propose innovative and systematic approaches to identify and manage IT risks to ensure internal policies and regulations are well implemented.
- Lead and manage internal audit initiatives from plan, execute and complete audit fieldworks according to established framework and schedule. Prepare comprehensive audit reports, facilitate and monitor resolution implementation.
- Develop and refine audit process, programs, questionnaires, or other tools to facilitate the identification and management of IT risks.
- Implement initiatives with relevant functions/teams to improve operational efficiency and overall internal control environment.
- Recommend internal audit process improvements to balance needs for operation efficiency and risk control
- Typical engagement domains including but not limited to: cybersecurity, data privacy, IT operation, IT governance, Sarbanes Oxley (SOX), regulatory requirements related IT audits, ad hoc on demand special projects, etc.
KNOWLEDGE AND SKILL REQUIRED: State formal educational level and experience required for the job. State additional professional, technical or years of experience required.
Education & Technical Requirements:
- Bachelor degree or above
- CISA and CISSP certification required; other cybersecurity related certification is a plus (e.g. CIPM, etc.)
- Knowledge of common frameworks and regulatory requirements: COBIT, NIST, ISO/IEC 27001, CSA CCM, CIS controls, OWASP Top Ten, cybersecurity and data privacy related regulatory requirements in China, etc.
- Foundation programming skills for analytical works (R, C++, VBA, SQL, etc.) is a plus
- Familiar with data analytics software such as fine BI and Tableau is a plus
Work Experience & Skills:
- 10 years of solid IT audit, security, advisory experience (Big 4, multinational consulting firms, or BAT tech companies preferred)
- Strong planning, organizing skills
- Critical thinking and analytic skills to integrate, analyze and evaluate facts/data and to prepare and present concise oral and written reports in both English and Chinese
- Ability to handle and simplify complex matters, conduct deep dive reviews and propose innovative solutions that are results driven
- Proven ability to manage multiple projects, work effectively with cross-functions and drive process improvement initiatives across an organization
- Be able to work autonomously and the ability to deal with ambiguity
- Good team contributor and soft skills
- Desire to learn & grow, high degree of responsibility and personal integrity
- 热门职位:
- 模拟IC设计工程师招聘 项目专员招聘 电子工程师招聘 模拟版图设计工程师招聘 嵌入式软件工程师招聘 射频工程师招聘 算法研究员招聘 算法工程师招聘 规控算法招聘 鸿蒙开发工程师招聘 移动开发招聘 通信电源工程师招聘 实施工程师招聘 网络工程师招聘 测试工程师招聘 风控算法招聘 功能测试招聘 有线传输工程师招聘 数据架构师招聘 电路设计招聘 光网络工程师招聘 .NET招聘 硬件项目经理招聘 技术文档工程师招聘 U3D招聘 测试经理招聘 DFT工程师招聘 数据挖掘招聘 PCB工程师招聘 软件测试招聘
- 推荐公司:
- 新供销天韶冷链 广州银峰汇投资服务有限公司 厦门春上钢结构工程有限公司 山东萬康生物科技有限公司 萌星体育文化发展篮球羽毛球教练招聘 西安贝壳房产销售招聘 合肥丰源劳务有限公司 晖农生物科技公司电话销售专员招聘 台州丽富特贸易有限公司 重庆瑞松电器有限公司 铜山区雅米西餐厅服务员招聘 美菜商业分析招聘 龙门尚天然开心农场有限公司 苏州雨盛服饰制作有限公司 重庆欧伏安电气有限公司 贵在电子商务行政绩效专员招聘 天津业之峰诺华装饰有限公司第一分公司招聘 内蒙古永正装饰工程有限公司 重庆空压机售后工程师招聘 金康高科会计招聘 曹县麦乡源食品有限公司 进贤泰鼎土流农林有限公司 珠海市云译信息技术有限公司 长沙亚斯智能科技有限公司 宜春市宇通电气有限公司 扬州泽源广告有限公司 重庆永环洁环保科技有限公司招聘 漳浦县港兴运输有限公司 深圳车机工程师招聘 爱心灰姑娘教师招聘
更新于:2024-12-11