We are a world-leading smart mobility SaaS company with over 2,000,000 subscribers across 23 countries and we are looking for a Senior Manager, IT SOX to join our team. Our teams are collaborative, vibrant and fast-growing and all team members are empowered with the freedom to influence our business with ideas that drive innovation and efficiency.
Responsibilities:
Report to the Group Head, SOX Internal Controls and Risk.
Define, implement and maintain the internal IT SOX controls framework to ensure compliance with requirements of SOX. This includes efforts around all internal controls over financial reporting (ICFRs) with a focus on IT General Controls (ITGCs) as well as IT Application Controls (ITACs). These will be performed in collaboration with stakeholders including Finance, Operations, Technology Services and Engineering.
Assess deficiencies identified, work with stakeholders to recommend remediation plans/ strategies, and perform validation on remediation actions.
Handle IT risk and control matters with internal and external parties.
Perform risk-based assessments, understand, evaluate and advise the business environment and related IT internal controls.
Coordinate and manage IT SOX testing with external auditors.
Develop and maintain business relations with senior management, and be the trusted risk and controls advisor on IT-related matters.
Requirements:
A good degree in Engineering, Information Technology (IT) or related disciplines with IT focus.
Professional certification (e.g., CISA, CISSP).
10-15 years of audit and risk advisory (including SOX) experience.
Knowledge of programming languages (e.g., Python, Java, or C++).
Proficiency in productivity tools (e.g., MS Word, Excel, PowerPoint).
Excellent command of English.
Experience and knowledge in the following:
Leadership skills with strong confidence for interaction with senior stakeholders.
Knowledgeable with current industry standards such as COBIT.
IT audit and control experience in Big 4 or leading organizations, with a focus on the technology and/or online internet economy sector.
Demonstrated track record in leading engagements within a professional services or consulting environment, combined with ability to work effectively in teams.
Good presentation skills, both oral and written.
Able to work in a fast-paced environment.
Excellent project management skills and a demonstrated ability to follow through and complete tasks within tight deadlines.
Knowledge and understanding of internal controls, IT security controls, risk assessment, management and governance, fraud, auditing techniques and methodologies.
Strong technical competencies and capabilities in audits of infrastructure, network and applications of different platforms managed by different departments or teams.
Able to work independently, be a good team player, and be resourceful with good interpersonal and communication skills.
Candidates with the above attributes and with CISA / CISSP certification, data analytics, and/or data science capabilities would have a strong advantage.
Proven track record in assessing IT controls (networking, operating systems, systems software, information security, disaster recovery, system lifecycle and change management processes), conducting project reviews and performing data analytics.
International exposure (US & APAC).
