The Mall Group
The Mall Group Co., Ltd.
The Mall Group Co., Ltd. is the leading retail business in Thailand comprising of multiple branches of The Mall Department Stores, The Emporium, and Siam Paragon. We are on the path of expanding operations to cope with our brilliant business opportunities. The company is now seeking proactive and enthusiastic talented professionals to strengthen our Management Team with a strong determination of achieving The Regions Ultimate Retail Entertainment Complex Group.
Position Summary (3 positions : Junior/Senior/Manager level)
IT Auditor is responsible for developing, planning, and executing IT audit planning and execution based on risk assessments in a challenging environment. This includes documenting and communicating risks, providing counsel on control issues and recommended process changes, and monitoring corrective actions in order to improve the existing practices of the organization. He/She is also expected to effectively work and learn from external IT Audit specialist for complex IT landscape implementations e.g. SAP, Retail systems, etc.
Company offers (besides from common benefits & compensation)
- Salary based on experience but attractive among others.
- Offers excellence career path within organization (first batch of IT Auditor within organization!)
- Great opportunities to learn and work with many complex IT systems and landscapes e.g. SAP S/4 HANA, POS, Business Intelligence, Big Data, Data Analytics, etc.
- Fun and challenging working with multi-national management team (British, French, etc.)
- Onboards with many challenging IT Audit project i.e. SAP Assurance and Audit, Security Assessment and Redesign, co-sourcing with external leading IT audit experts.
- Support for attending business and modern tech education / seminar / events
Responsibilities and duties:
- Provide Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security.
- Responsible for developing and maintaining the IT Risk Assessment at the Corporate Level under the oversight of the Corporate management; including identifying areas where business units should consider additional investment and areas internal audit should focus.
- Conduct audits or lead audit teams in performance of IT audits and reviews of systems, applications and IT processes. Prepare and report results to executives and Audit Committees.
- These include;
- Perform pre and post- implementation reviews of system implementations or enhancements.
- IT security and application audits (e.g. network, operating system, data center, SAP, Retail system), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.
- Evaluate information general computing controls and provide value added feedback. Test compliance with those controls. Coordinate with compliance or legal teams as applicable.
- Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.
- Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
- Conduct audits or lead audit teams in operational / financial audits.
- Bachelor or Master Degree in Management Information System, Information Technology, Computer Science, or related field with strong academic record
- Minimum 2 years of working experiences in IT Audit or Security control in IT auditing, or other related experiences (e.g. Information Security, IT Risk and Control, IT Quality Control), preferably in Retail, Banking or Financial service industry
*2 years for Junior level, 4 years for Senior level, 7 years for Manager level
- Proactive and able to work independently with strong interpersonal and communication skill
- Good documentation skills, organized, methodical and detail-oriented
- CISA, CISSP, CISM or other technical certifications is a plus
Interested candidate please feel free to send your CV directly to email : firstname.lastname@example.org
To apply for this job email your details to email@example.com