ACinfotec is a leading IT Governance, Risk and Compliance (GRC) consulting services provider. Our expert team provides a range of services including consulting, assessment, training and solutions based on ISO 27001, ISO 20000, ISO 22301, ITIL, BCM, COBIT, PCI DSS, NIST and other IT standards. We are seeking highly capable professionals to join our team. At ACinfotec, you will access to vast array of knowledge and the opportunities to work in challenging and inspiring projects of high-end customers.

Senior IT Auditor (Cybersecurity/ Privacy/ Risk management)

Key Responsibilities and Requirements:

Are you looking for a position that will leverage and grow your technology skills, expand your knowledge of technology and digital businesses, and provide opportunities to help organization to identify and solve IT problems?

As Senior IT Auditor, you will lead the planning, scoping, execution, and reporting of audits based on identified risks. Audit topics may include IT security, data privacy, IT general controls, IT application controls, IT standard and regulation compliance, among others.

You must be able to understand complex business processes and underlying technology to identify the full range of risks related to processes, regulatory compliance, organization, policy, people and technology.

You need a broad technical background and the ability to learn new technology concepts quickly. You must be comfortable in performing as a solo auditor, teammate, and manager concurrently.

You should be able to translate technical risks into business issues. You must prioritize findings and recommendations. You should be able to facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated properly.

You must be an excellent writer who can effectively communicate complex technical issues into easy to understand business terms. You must be a strong project manager who can manage a team and conduct your own audits from beginning to end. You must be able to manage and execute multiple projects simultaneously.

Base Qualifications:

• Thai Nationality
• Bachelor degree in information systems, computer science, computer engineering, business or related field.
• 2+ years of experience with IT and Operations auditing, risk management, IT Compliance, Information Security, IT program or project management.

Preferred Qualifications:

• Master degree in business administration, information systems, computer science, computer engineering, business or related field.
• Strong risk management experience, including experience in performing IT audits, designing controls, managing enterprise control frameworks, and prioritizing risk.
• A fast learner who can quickly understand and perform new audit practice.
• Understanding of modern and emerging technology is a plus.
• Excellent written and verbal communication skills. You must prepare reports, develop presentation and communicate to senior management. You will need to interact and communicate with various levels of employees.
• Strong analytical skills. Proven experience in analyzing data and situations to identify critical point.
• Hold relevant certifications such as CISA, CISSP, CISM or ISO 27001 is preferred
• Experience with process improvement methodology such as PDPA, Kaizen, Six sigma
• Passionate about the audit combined with experience in managing a team.

This position offers a great opportunity to learn and experience world-class IT practices and leading global IT movement, plus close engagement with the nation’s top-class organizations. Our policy is to create the best place to work for IT professionals with a lot of learning and training opportunities. If you feel that you have what it takes to join our company, do not hesitate to contact us.

Please provide a detailed CV including a summary of your education, past experience and also the salary expectation and e-mail to [email protected]