The Head of IT Audit is a newly created role. The successful candidate will report to the Head of Internal Audit and will supervise one individual for this large FMCG corporation.
Key Responsibilities | Deliverables
- Ensure adequate and efficiency of both IT general control and technical control currently practiced within the Group
- Prepare the IT audit engagement plan, carry-out works, and deliver results as per project timeline
- Assess and review the adequacy and effectiveness of the IT control procedures on hardware, software, mobile devices, network infrastructure technology, cyber security, internet, and digitalization
- Assess an take responsibility of governance, risk management, and control related to IT and provide practical advise to the management
- Conduct investigation over cyber security, governance issues, and cyber-attacks; report to management on a timely basis
- Present IT audit results and practical recommendations to the managements as well as a follow-up action plan
- Provide advise related to the IT control procedures and governance
- Coordinate and support external auditors or assessors when system audits are conducted
- Carry-out special projects as assigned by supervisor
Experience | Skill Requirements
- Bachelor or Master Degree in Computer Engineering, Computer Science, MIS and any IT related fields
- At least 5 years of experience in IT audit, IT security, IT Technical background
- Professional license in CIA, CISA, CISM, CISSP, CEH, GPEN, etc. would be advantage
- Strong IT security and IT technical knowledge as well as work experience in any of the following areas:
- Penetration testing at network , web & mobile application and wireless level
- Penetration testing tools, vulnerability scanning, disassemblers/debuggers
- One or more scripting languages is an advantage.
- Network security controls including firewall, router, IDS/IPS security configuration and security review
- Operating system configuration and security review for any of various platforms: Mainframe, Windows, UNIX, Middleware, Oracle/SQL databases.
- Familiarly with COBIT, ITIL, OWASP, OSSTMM, NIST, ISO 27001 and compliance regulations standards such as BOT, SEC, PCI-DSS, etc.
- Understand IT best practices, security controls, and risk management concepts
- Strong Thai and English language skills, both written and spoken
- Multi-national and/or cross border project experience is an advantage
- Relevant experience with assisting proposal development and presentation
- Thai nationals only
Please note that due to the expected high application rate, only those who are shortlisted will be contacted.