Basic Information

Ref Number

Req_00020252

Last day to apply

30-Jun-2019

Primary Location

Ortigas Center

Country

Filipiny

Description and Requirements

  • IT Services Risk Management, Audit & Compliance
  • The individual is responsible for managing and coordinating  Assurance Audits such as  SOC2, CSAE 3416, Section 5025,  PCI-DSS, Interac audits, as well as client compliance programs. Monitoring & Reporting of all remediation efforts that would .  In addition, the Audit & Compliance specialist is responsible to build, develop and implement audit and compliance programs and policies to safeguard data.
  • Manage and/or coordinate Assurance Audits such as  SOC2, CSAE 3416, Section 5025,  PCI-DSS, Interac audits, as well as client compliance programs.
  • Create and administer internal and external compliance/audit programs
  • Monitor the remediation of all control deficiencies
  • Responsible for assessing and understanding the risks and contribute in risk management initiatives. 
  • Responsible for the development and enforcement of Information Security policies.
  • Audit Management and coordination:
    • Set and manage audit schedule
    • Coordinate and manage auditors/ Staff meetings/etc
    • Gather/ review/validate audit evidence / supporting documentation
    • Present audit results to staff and if necessary to clients
  • Coordinate various client external audits
  • Audit analysis and assessment of internal control processes and procedures
  • Serve as liaison with Clients, auditors, staff and management for all audit matters
  • Perform annual vendor management assessments
  • Create and administer compliance / audit programs
    • Review existing business and IT processes and controls
    • Complete gap analysis and risk assessments
    • Identify existing and create new monitoring controls
    • Collect evidence and conduct audits as necessary
  • Participate in special projects as required
  • Monitor the remediation of all control deficiencies
  • Continuously improve the internal and external audit and compliance security posture of all audits in the Audit Program.
  • Provide business process internal control guidance to where warranted

Additional Job Description

The individual is responsible for managing and coordinating Assurance Audits such as SOC2, CSAE 3416, Section 5025, PCI-DSS, Interac audits, as well as client compliance programs. Monitoring & Reporting of all remediation efforts that would . In addition, the Audit & Compliance specialist is responsible to build, develop and implement audit and compliance programs and policies to safeguard data. Key Job Responsibilities • Manage and/or coordinate Assurance Audits such as SOC2, CSAE 3416, Section 5025, PCI-DSS, Interac audits, as well as client compliance programs. • Create and administer internal and external compliance/audit programs • Monitor the remediation of all control deficiencies • Responsible for assessing and understanding the risks and contribute in risk management initiatives. • Responsible for the development and enforcement of Information Security policies. Detailed Job Responsibilities • Audit Management and coordination: o Set and manage audit schedule o Coordinate and manage auditors/ Staff meetings/etc o Gather/ review/validate audit evidence / supporting documentation o Present audit results to staff and if necessary to clients • Coordinate various client external audits • Audit analysis and assessment of internal control processes and procedures • Serve as liaison with Clients, auditors, staff and management for all audit matters • Perform annual vendor management assessments Other Job Responsibilities if required • Create and administer compliance / audit programs o Review existing business and IT processes and controls o Complete gap analysis and risk assessments o Identify existing and create new monitoring controls o Collect evidence and conduct audits as necessary • Participate in special projects as required • Monitor the remediation of all control deficiencies • Continuously improve the internal and external audit and compliance security posture of all audits in the Audit Program. • Provide business process internal control guidance to where warranted Mandatory-Qualifications (Education, skills, knowledge and experience) • Education: o University Degree and relevant experience. o Nice to have Audit Designation (CISA, CRISC, CISM, PCIP, PCI-QSA, CA, CIA) • Knowledge: o Excellent Project Management, communication and organizational skills. Ability: Demonstrated ability to analyze problems, devise solutions, plan, organize, evaluate, implement and manage audit processes. o Must display tact and diplomacy, maturity, judgement and imagination. Experience: Minimum 2 years audit / internal control experience Nice to have -Qualifications (Education, skills, knowledge and experience) • Education: o Audit Designation (CISA, CRISC, CISM, PCIP, PCI-QSA, CA, CIA) • Knowledge: o Good understanding of COBIT, ISO27001, ITIL, and risk management frameworks. o Knowledge of generally accepted accounting practices and internal control techniques o Knowledge of information security technology, audit & control measures, monitoring/investigation methodologies and privacy/regulatory requirements.