Information Security Auditor / Data Privacy Assessor / IT Auditor / Lead Auditor

We are looking for an experienced Auditor/Assessor to join our IT Audit team. The ideal candidate should have proven track record in Information Security/Data Privacy related audit experience and able to provide practical recommendations to strengthen the organization’s Information Technology security posture and data privacy regime.

Shortlisted applicants will be considered for the role of Information Security Auditor / Data Privacy Assessor / IT Auditor / Lead Auditor

Key Responsibilities:

​

Execution of the Information Security and Data Privacy related audit/assessment process

Exhibits appropriate judgment regarding issue notification, prepares draft findings in accordance with relevant systems standards and drafts final audit reports for review by the Technical or Audit Manager.

Demonstrates depth and breadth of knowledge of Audit methodologies and objectives.

Demonstrates professionalism with good communication skills.

Presents audit/assessment results in an objective and unbiased manner.

Writes opinions reflecting relevant facts that lead to logical conclusions.

Ensure compliance with ISOCert's policy & procedures

Perform administrative duties according to plan and organize audits.

Perform audit on client’s existing processes and Information Security and Data Privacy systems.

Investigate client’s business process controls, application controls and IT controls and benchmark them according to regulations and industry standards.

Pre-requisites:

Degree or Diploma in IT / Computing / Information Security or equivalent qualifications

Minimum 3 years of relevant working experience for Degree holders / 5 years of related working experiences for Diploma holders (preferably specializing in IT / IT Security field).

Candidates with knowledge and experience in ISO 27001, ISO 27701, DPTM and other management system related standards are preferred.

Preferably with Lead Auditor Training Certification in ISO 27001:2013 / Certified Information Security Auditor – CISA and PDPA related training.

Those with auditing experience will be an added advantage.

Good report writing skills

Excellent communication and presentation skills.