Information Security Audit Manager

As Information Security Audit Manager, you’ll be at the forefront of protecting the organisation’s digital landscape by conducting thorough audits across a variety of technology platforms. Your daily journey will see you guiding complex IT audits from start to finish while upholding rigorous standards of governance and compliance.

What you'll do:

• Supervise, manage, and deliver comprehensive risk-based audits of information systems to ensure top-tier governance, risk management, and control processes are embedded throughout the organisation.
• Provide independent assurance that all auditee operations meet or exceed performance standards, regulatory requirements, and industry best practices.
• Evaluate management processes, internal controls, compliance frameworks, and governance structures to spot opportunities for improvement within IT environments.
• Offer clear recommendations to enhance the adequacy, effectiveness, and efficiency of internal controls designed to manage critical risks across diverse business units.
• Assist in planning and executing the annual information systems audit plan as well as dynamic ad-hoc assignments under department leadership guidance.
• Mentor and inspire team members by providing training on specialised topics such as cyber security, risk assessment methodologies, and emerging technologies relevant to audit functions.
• Prepare detailed reports that highlight audit findings, risk assessments, and actionable recommendations for senior management consideration.
• Collaborate closely with stakeholders across departments to ensure timely implementation of agreed-upon audit recommendations while monitoring progress towards remediation.
• Stay ahead of evolving audit techniques, cyber security trends, regulatory changes, and technological advancements impacting information systems auditing.
• Support process innovation initiatives by leveraging data analytics tools during project implementation audits to boost overall audit effectiveness.

What you bring:

• Comprehensive understanding of information systems security risks and controls with practical knowledge of banking products, operations, infrastructure components, and related technologies.
• Proven ability to apply risk-based assessment techniques when evaluating IT environments for potential vulnerabilities or compliance issues.
• Familiarity with best practices in audit methodologies including those related to cyber security assessments, network devices evaluation, encryption protocols analysis, operating system reviews, database audits, cloud technology scrutiny, robotic process automation checks, and artificial intelligence applications.
• Knowledge of key security frameworks such as ISO 27001, NIST standards, COBIT guidelines as well as local regulatory requirements (e.g., BNM).
• Relevant tertiary qualifications or professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CRISC (Certified in Risk & Information Systems Control), CIA (Certified Internal Auditor), CBA (Certified Business Auditor), CISSP (Certified Information Systems Security Professional) or equivalent credentials.

What sets this company apart:

This organisation shines thanks to its steadfast commitment to integrity while embracing technological progress at every turn. Employees enjoy a culture where knowledge sharing is second nature—everyone from new joiners to seasoned experts is encouraged to participate in ongoing training tailored around current industry challenges.

What's next:

If you’re ready to energise your career in information systems auditing within a supportive environment that values expertise and teamwork—this is your moment!

Do note that we will only be in touch if your application is shortlisted.

Agensi Pekerjaan Robert Walters Sdn Bhd
Business Registration Number : 729828-T
Licence Number : JTKSM 423C