Associate - It Risk Assurance

About IT Risk Assurance:
Our focus is on creating effective and efficient design for the most important business, security and compliance processes for our clients. We touch on aspects of application security and areas prone to fraud and financial misstatement, and streamline processes that are part of our clients&039; core businesses so they can get higher returns on key investments. Using innovative and proprietary technologies, we help to bridge the gap between business stakeholders, compliance functions and IT teams to assist their understanding of how to embrace new ways of working, while limiting their financial and operational risk profiles. We use knowledge of financial system design, risk mitigation, business process design, data integrity, security and use of data analytics.
Responsibilities:
• Work closely with the Audit team to perform assessments of the technical and general IT controls, infrastructure security, database security and business process/application controls
• Deliver IT risk management, controls and process advisory projects for our clients
• Work closely with the IT Risk Assurance and Cybersecurity team to perform the following:
• Assist in marketing and business development, including making proposals and meeting prospective clients
• Continuously research new technology infrastructure, cyber security trends and security architecture changes, security standards, security systems and authentication protocols
• Identify, analyse and discuss with audit clients the IT audit risks they face and propose recommendations
• Develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, IDS and related network devices
• Execute source code reviews (analyse source code on a line- by- line basis)
• Execute network, application and operation system vulnerability assessments
• Manually validate report findings to reduce false positives
• Prepare management letters for audit clients or final reports for advisory clients
• Prepare and communicate working schedules to clients
• Document working papers in a timely manner
• Use automated tools (e.g. Nessus) to pinpoint vulnerabilities and reduce time- consuming tasks

• Experience in IT controls, or risk management, accounting or business processes, or system implementation, or IT project assurance
• Intermediate coding experience or use of data technology such as SQL, Alteryx, Celonis, Power BI or Python will be an advantage
• Good interpersonal skills and reasonable command of English and Vietnamese languages
• Experience in ERP reviews, audits or implementation or advisory roles in areas such as SAP, Oracle, JDE, Dynamics or Peoplesoft will be an advantage

Opportunity to develop and apply technologies that help clients to enhance efficiencies, get higher returns on investment and mitigate risks.
Khác

Cập nhật gần nhất lúc: 2024-12-08 22:20:03