IT Audit & Risk Consultant

External Audit and Security Testing Projects

• Plan and actively manage internal and external auditors / security consultants to deliver audit and security testing services for clients.
• Engage with clients to scope, plan security audit / security testing projects and include scheduling of on site or off-site works.
• Build and nurture positive working relationship with clients, by providing quality deliverables and communications.

In-house

• Participate as an active member of the internal audit and IT security team.
• Conduct briefings, perform fieldworks, tabulate management responses and follow-up actions to ensure timely execution of audit / security testing work plans.
• Review audit findings and assess overall state of compliance and risk management.
• Conduct information security awareness training and promote information security practices.
• Review and upkeep information security policies, processes / procedures and guidelines on an ongoing basis.
• Conduct security risk management exercises and perform VAPT on Company’s internal IT infrastructures.

Qualifications

• Candidates with 4 to 5 years technical experience in systems and networks, particularly in the area of IT security will be an advantage.
• Those with current security certification such as CISSP, CISM, CISA, CREST, OSCP with hands-on experience performing VAPT using tools such as Nessus, Nmap, Wireshark, Kali Linux, Burp Suite etc. will have added advantage.

Other Personal Traits

• Be conversant in IT security related subject matters to engage in discussions with clients
• Good command of oral and written English
• Patient and pleasant personality