[ref. c46462916] Manila - Information Systems Senior Audit Manager

Job Title: Information Systems Senior Audit Manager

The position involves planning, executing, and reporting on IT and cybersecurity audits, as well as advising on improvements to strengthen the organization's information systems and risk posture.

Responsibilities:

IT Audit Planning and Execution:

• Develop and execute a comprehensive, risk-based IT audit plan covering key technology systems, cybersecurity, data governance, and infrastructure.
• Conduct audits of enterprise systems, cloud environments, application controls, databases, and IT general controls (ITGCs).
• Evaluate the design and effectiveness of IT controls in alignment with frameworks such as COBIT, NIST, ISO 27001, and SOX IT compliance requirements.
• Assess system development life cycle (SDLC), change management, access management, and disaster recovery processes.

Risk and Controls Evaluation:

• Identify and assess technology-related risks and vulnerabilities, including cybersecurity threats, data privacy issues, and third-party risks.
• Recommend enhancements to IT control environments and participate in remediation plans with IT and security stakeholders.

Compliance and IT Governance:

• Ensure compliance with internal policies, industry standards, and regulatory requirements including SOX, GDPR, HIPAA, or PCI-DSS, where applicable.
• Review and advise on IT governance structures, cybersecurity frameworks, and IT policy effectiveness.

Reporting and Communication:

• Prepare and present high-quality audit reports that clearly articulate findings, risks, and recommendations to senior leadership, including the Audit Committee.
• Facilitate discussions on technology risks and mitigation strategies with cross-functional stakeholders.

Collaboration and Advisory:

• Partner with IT leadership, cybersecurity teams, risk management, and external auditors to align on audit scope, findings, and strategic improvements.
• Provide insights on emerging technology risks and trends impacting the organization.

Qualifications:

• Bachelors degree in Accounting, Information Systems, Computer Science, Accounting Information Systems, or a related field.
• Certified Public Accountant (CPA) is an advantage.
• Professional certifications such as CISA (REQUIRED), CIA, CISSP, or CRISC strongly preferred.
• Minimum of 8 years of experience in IT auditing, information security, or risk management, including experience in a leadership or senior audit role.
• Strong knowledge of IT risk management, cybersecurity principles, cloud computing, data privacy, and internal control frameworks.
• Familiarity with ERP systems (e.g., SAP, Oracle) and audit analytics tools.
• Proficient in IT audit software and data analysis tools (e.g., ACL, IDEA, Power BI).
• Excellent critical thinking, analytical, and communication skills.
• Proven ability to lead projects, manage audit teams, and build relationships across technical and non-technical stakeholders.
• High integrity, sound judgment, and a commitment to confidentiality and ethics.