50-70K·14薪

IT审计高级经理(需要CyberSecurity背景) 猎头职位

代招公司:某大型知名餐饮上市公司 已上市

上海10年以上本科

安全运维和保障 C/C++ CISSP/CISP 安全体系架构和研发 SQLmap CISA IT审计经验 cybersecurity
立即沟通
肖女士
感兴趣

翌高·猎头顾问

职位描述

PURPOSE OF THE JOB: Capture the essence of the whole job in one or two sentences.
- This role will be responsible for maintaining the IT internal control environment and IT audit engagement including planning, fieldwork, and closure reporting with its follow-up on the status of remediation actions. Offer automated and systematic solutions to evaluate and improve the effectiveness of IT risk management and internal controls in the organization.
JOB FUNCTIONS: List major job functions using simple task statements.
- Develop a thorough understanding and knowledge of company’s operations and risk universe (internal and external factors), establish effective business relationships within the company, propose innovative and systematic approaches to identify and manage IT risks to ensure internal policies and regulations are well implemented.
- Lead and manage internal audit initiatives from plan, execute and complete audit fieldworks according to established framework and schedule. Prepare comprehensive audit reports, facilitate and monitor resolution implementation.
- Develop and refine audit process, programs, questionnaires, or other tools to facilitate the identification and management of IT risks.
- Implement initiatives with relevant functions/teams to improve operational efficiency and overall internal control environment.
- Recommend internal audit process improvements to balance needs for operation efficiency and risk control
- Typical engagement domains including but not limited to: cybersecurity, data privacy, IT operation, IT governance, Sarbanes Oxley (SOX), regulatory requirements related IT audits, ad hoc on demand special projects, etc.

KNOWLEDGE AND SKILL REQUIRED: State formal educational level and experience required for the job. State additional professional, technical or years of experience required.
Education & Technical Requirements:
- Bachelor degree or above
- CISA and CISSP certification required; other cybersecurity related certification is a plus (e.g. CIPM, etc.)
- Knowledge of common frameworks and regulatory requirements: COBIT, NIST, ISO/IEC 27001, CSA CCM, CIS controls, OWASP Top Ten, cybersecurity and data privacy related regulatory requirements in China, etc.
- Foundation programming skills for analytical works (R, C++, VBA, SQL, etc.) is a plus
- Familiar with data analytics software such as fine BI and Tableau is a plus
Work Experience & Skills:
- 10 years of solid IT audit, security, advisory experience (Big 4, multinational consulting firms, or BAT tech companies preferred)
- Strong planning, organizing skills
- Critical thinking and analytic skills to integrate, analyze and evaluate facts/data and to prepare and present concise oral and written reports in both English and Chinese
- Ability to handle and simplify complex matters, conduct deep dive reviews and propose innovative solutions that are results driven
- Proven ability to manage multiple projects, work effectively with cross-functions and drive process improvement initiatives across an organization
- Be able to work autonomously and the ability to deal with ambiguity
- Good team contributor and soft skills
- Desire to learn & grow, high degree of responsibility and personal integrity
更新于:2024-12-11
下载APP确定

已安装?在APP中 直接打开