IT Audit Manager
About this position
The IT Audit Manager is responsible for conducting assessments of IT governance, risk management processes, and IT security controls, ensuring compliance with relevant standards and regulations.
Responsibilities
• Conduct assessments of IT governance and risk management processes in accordance with COBIT and ISO standards.
• Evaluate IT risk management practices and provide recommendations to enhance IT governance.
• Perform IT security assessments using the NIST Cybersecurity Framework and COBIT framework to assess the adequacy of IT security controls.
• Review data security controls with a focus on personal data protection, ensuring compliance with the Personal Data Protection Act (PDPA).
• Conduct cloud computing audits, specifically focusing on AWS security, and evaluate against CIS standards and ISACA guidelines.
• Review network security controls, including rulesets and security configurations for Fortigate firewalls, to identify vulnerabilities and recommend enhancements.
• Audit IT general controls, including access management, change management, and IT operations, to ensure effective design and operation.
• Review the Group's IT information security policies and provide recommendations for alignment with industry best practices and regulatory requirements.
Requirements
• Bachelor's degree or higher in Information Technology, or related fields.
• At least 5 years of experience as an audit consultant, internal auditing, or IT auditing.
• Knowledge of internal auditing standards and related laws.
• Strong analytical and risk assessment skills.
• Excellent communication and report-writing skills.
• Proficiency in relevant computer programs.