IT AUDIT MANAGER
Location: Makati
Work Setup: Hybrid (3 DAYS RTO)
Work Schedule: Monday - Friday
The IT Audit Manager is responsible for leading multiple engagement teams, working with a wide variety of clients to deliver professional services and managing business development activities on strategic and global priority accounts specific to IT Audit engagements including IT control/SOX compliance and assessment, information security and data security.
Key Responsibilities
Engagement Management
- Lead the planning, execution, and reporting of IT audits, ensuring alignment with professional standards (COBIT, NIST, ISO 27001).
- Oversee IT General Controls (ITGC) testing and automated application control assessments for SOX 404 compliance.
- Identify and evaluate complex IT risks related to systems, infrastructure, and data integrity.
- Review engagement workpapers for technical accuracy and ensure all findings are supported by robust evidence.
- Manage project budgets, resource allocation, and timelines to ensure successful delivery.
Relationship Management
- Act as a trusted advisor to C-suite executives and IT leadership, providing insights on emerging technology risks and mitigation strategies.
- Facilitate closing meetings to discuss audit findings and negotiate remediation plans with stakeholders.
- Drive business development by identifying service gaps at existing accounts and leading the preparation of proposals for new clients.
- Collaborate with financial audit teams to provide integrated audit solutions.
People Management
- Supervise, coach, and mentor senior and staff-level auditors, providing consistent performance feedback.
- Facilitate internal training sessions on specialized topics such as Cloud Security, Data Privacy, and AI Governance.
- Foster an inclusive team environment and participate in the recruitment of top-tier technical talent.
Qualifications
- Education: Bachelor's degree in Management Information Systems (MIS), Computer Science, Accounting, or a related field.
- Experience: 5+ years of experience in IT Audit, IT Risk Management, or Cybersecurity, preferably within a professional services or Big 4 environment.
- Technical Knowledge: Deep understanding of ITGCs, SOC reporting, and network security protocols.
- Communication: Exceptional written and verbal communication skills for presenting complex technical risks to non-technical stakeholders.
Preferred Qualifications
- Certifications: Professional certification such as CISA (required), CIA, CISSP, or CPA.
- ERP/Apps: Relevant experience in application security and ERP implementation projects (e.g., SAP, Oracle).
- Cloud/Data: Experience auditing cloud environments (AWS, Azure) and using data analytics tools (ACL, Tableau, PowerBI).
