Back to job search

IT Audit Manager

Central Group (Corporate Unit) (Bang Rak)
Bangkok, Thailand 🇹🇭
The Central Group consists of a variety of diverse investment in various corporations, each of which has become the leader in the retail, property development , hospitality , food and beverage industries. These complementary businesses continue to strengthen our position in the marketplace both domestically and internationally. In 2014, Central Group revealed the organizational restructuring to streamline. 9 new business groups such as Central Department Store Group (CDG), Central Food Retail Group (CFG), Central Hardlines Group (CHG), Central Online (COL), Central Pattana Group (CPN),Central Marketing Group (CMG), Central Hotels and Resorts Group (CHR), Central Restaurants Group (CRG) and Central Group (VIETNAM) to spearhead the conglomerate at global level , focusing on sustainable growth with strategy of excellence in "Branding" "People", "Synergy" and consolidating the strength of Central Group "to be Number One" under the concept of "One Group".

About this position

The IT Audit Manager is responsible for conducting assessments of IT governance, risk management processes, and IT security controls, ensuring compliance with relevant standards and regulations.

Responsibilities

• Conduct assessments of IT governance and risk management processes in accordance with COBIT and ISO standards.
• Evaluate IT risk management practices and provide recommendations to enhance IT governance.
• Perform IT security assessments using the NIST Cybersecurity Framework and COBIT framework to assess the adequacy of IT security controls.
• Review data security controls with a focus on personal data protection, ensuring compliance with the Personal Data Protection Act (PDPA).
• Conduct cloud computing audits, specifically focusing on AWS security, and evaluate against CIS standards and ISACA guidelines.
• Review network security controls, including rulesets and security configurations for Fortigate firewalls, to identify vulnerabilities and recommend enhancements.
• Audit IT general controls, including access management, change management, and IT operations, to ensure effective design and operation.
• Review the Group's IT information security policies and provide recommendations for alignment with industry best practices and regulatory requirements.

Requirements

• Bachelor's degree or higher in Information Technology, or related fields.
• At least 5 years of experience as an audit consultant, internal auditing, or IT auditing.
• Knowledge of internal auditing standards and related laws.
• Strong analytical and risk assessment skills.
• Excellent communication and report-writing skills.
• Proficiency in relevant computer programs.