Risk and Control Solutions (RCS): IT Audit (Security) - Assistant Manager/ Manager
Assistant Manager/ Manager
Our Advisory team helps clients improve the governance, risk management and compliance of their operations. This solutions-based service help clients solve a diverse set of structure, function and business risks by utilizing our deep understanding of governance, risk management/ compliance, IT systems and internal controls in businesses. The unique resources contained in within the practice have proven knowledge and provide a hands-on approach to business problems – and can be deployed rapidly to address risk-based issues.
Working with our leading clients in key industries in the Advisory team, you will gain exposure to a wide variety of complex operational and systems environments, challenges and learning opportunities. Assignments will include performing risk assessments, business process / application controls reviews, and other controls and assurance related work.
Due to considerable development in the demand for our services, we are looking to expand the team with the addition of suitably qualified team members. The roles represent a combination of business development and leading and supporting roles in the delivery of complex and innovative solutions to our clients which includes the following key services offering:
- Due diligence – assess, quantify and independently report on potential market opportunities and corporate deals, including mergers, acquisitions, disposals and restructuring.
- Corporate governance – implementation, review and enhancement of corporate governance frameworks.
- Enterprise risk management - implementation, review and assessment of operational and IT risks.
- Internal audit – review and assessment of business process controls, implementation of control self assessments.
- Performance improvement – analyzing and enhancing business processes to increase profitability and cost management.
- IT system audit and implementation – review, assess and develop IT operations and risk management strategies to manage IT system and to design, select and implement new IT systems.
PwC is seeking an experienced and talented manager with strong IT audit and IT technical background and a desire to provide IT consulting services to clients in various industries. You will provide advisory services focused on IT audit related services. You will also manage and coach a team to support you in delivering projects in Cambodia and other countries as required.
You will be provided the opportunity to interact with senior management as well as the opportunity to enhance your skills in the areas of technical competency, business development, client service and people development
- Bachelor or Master Degree in Accounting, Computer Science, MIS and any IT related fields.
- Minimum 5 years of working experiences in IT audit, IT security, IT technical background and / or industry knowledge. Working experiences in big 4 audit firms are preferable.
- Strong IT audit and IT technical knowledge as well as working experiences in any of the following areas:
- Network security controls including firewall, router, IDS/IPS security configuration and security review.
- Strong database management system including Data Gap Analysis, IAS39, Business Process.
- Operating system configuration and security review for any of various platforms: Mainframe, Windows NT/2000/2003, UNIX, Middleware, Oracle/SQL databases. This includes vulnerability assessment by using scanning tools.
- Penetration testing at both network and web application level.
- Identity and access management solutions and implementation.
- ISO/IEC 17799:2005 and ISO/IEC 27001:2005 concepts.
- Data privacy/data loss protection.
- Understanding of business security practices, security controls and risk management concepts.
- Strong analytical and problem solving capabilities.
- Excellent teamwork and inter-personal skills.
- Self-motivated individuals that are willing to develop solutions on their own or in a team of highly skilled professionals.
- Rapid learning capability and able to work under pressure.
- Demonstrated experience as a team leader.
- Ability to manage effectively multiple, concurrent projects and meet deadlines while working both independently and in a team environment.
- Ability to work effectively and utilize project management skills to manage tasks according to strict deadlines.
- Excellent written and spoken English language. Mandarin or Thai linguistic skills are an advantage.
- Multi-national and/or cross border project experience is an advantage.
- Relevant experience assisting with proposal development and presentations is an advantage. Related certifications are a plus e.g., CISSP, CISA, CCNA, SANS, GIAC, MCSE, MCP, ISO27001 lead auditor, etc.
Required Technical Knowledge
- Security policy, standard, framework
- security strategy
- ISO27001/27002 (he doesn't even know what this is)
- Data classification, data protection
- security assessment, penetration test
- Business Continuity Management
- Disaster Recovery Plan
- Identity and access management
- Network security architecture
- Security in SDLC
- Good leadership skill
- Demonstrated “Can-do” attitude and eagerness to learn
- Excellent analytical, problem solving, and problem identification skills
- Ability to work in a dynamic environment which requires greater flexibility and adaptability
- Ability to work independently or as a team and work well under pressure , time constraints and difficult situations
- Good relationship building, interpersonal, communications, and persuasive skills
- Professional working environment where you will be intellectually challenged and work on interesting engagements with peers with international experience
- Competitive salary and benefits
- Long term career progression with an internationally recognized industry leader and brand