Specialism / Function
Two stage interview
- Responsible for external audit, internal audit (IT general controls and/ or application controls review) and IT advisory assignments allocated from time to time including all aspects of planning, completion, and fieldwork management.
- Ensure detailed risk and control matrices including tests to be carried out for each external and internal audit are prepared - along with key deadlines – and agreed with the engagement lead.
- Collaborate with team members to collect and assess quality of data, remove or clean data, analyse data and use data analytics tools to improve and streamline internal and external audit approach including driving the audit planning process.
- Compilation or review of working papers and reports in line with Grant Thornton International and firm’s Quality Management Manual requirements and Advisory Key Risks policy.
- Use graphs, infographics, and other methods for data visualisation to produce compelling internal and external audit reports.
- Continuously keep abreast of latest developments in IT audit and cybersecurity, build business intelligence, and produce thought leadership articles on periodic basis.
- Conduct performance reviews and identify areas of development for junior members in IT audit and advisory team and implements appropriate response/solutions such as training, coaching, mentorship etc.
Qualification and experience
Candidate should have a degree in Computer Information Systems, Computer Science, Information technology or equivalent and a minimum of 4 years’ hands-on experience in systems audit and cybersecurity advisory. Intermediate knowledge of ISACA prescribed standards, guidelines and procedures for IT audits. Intermediate knowledge of COBIT governance framework and supporting tools.
Competencies candidate must have
Candidate should have clear understanding of IT audit methodologies, understanding of IT governance frameworks and tools, knowledge and hands-on experience in conducting vulnerability assessment, penetration testing, red teaming, cyber controls/ configurations review, compromise assessment, cyber risk and maturity assessment, cyber health check, development and review of cyber security strategy, governance and operating model, knowledge and hands-on experience in data analytics and application in internal and external audits using data analytics tools like IDEA / R / ACL is mandatory, advanced knowledge of Microsoft products, viz. Excel, PowerPoint and Word, should be able to work under tight deadlines and have good analytical and report writing skills.