The professional will be responsible for supporting Group Internal Audit Department in the design and implementation of the IT Internal Audit area, in alignment with best practices and tools available in the market.

• Support Department Head in planning and implementation of the Annual IT Internal Audit Plan;
• Lead the planning, initiation and execution of IT internal audit engagements, analyzing business processes, procedures and risks and assessing the effectiveness and efficiency of internal controls and compliance with policies and procedures;
• Execute the audit projects defined in the Annual Internal Audit Plan, within budgeted time and in accordance with best practices;
• Review audit projects working papers, ensuring completeness and assertiveness of the conclusions and propose control recommendations to mitigate risks of audited processes;
• Prepare the reports for assurance and consulting engagements;
• Hold project conclusions exit meetings, with key audit stakeholders and in presence of Management, to present and align on the audit results;
• Follow up on action plans implementation and remediation of audit findings, prepare status update progress report and perform retesting as required;
• Advanced command of IT environment and IT controls, namely Cybersecurity related;
• Play leadership role in IT Internal Audit projects and act as facilitator in between Group’s BU/Departments and with IT teams and IT liaisons where applicable to manage expectations and ensure cooperation to achieve objectives;
• Support Process Audit teams in specific IT related audit procedures, within execution of Process Internal Audits projects;
•  Demonstrate in day-to-day audit work key audit success mindset of due professional care, strong cooperation, transparency, fluid communication and timeline adherence.

• Post-graduate degree in Information Security and/or Cybersecurity;

• Experience in SOX and PDPA audits;

• Front and back office ERP knowledge (example: SAP);

• Knowledge with data analysis tool (example: ACL) and with dashboard tool (example: Tableau);

• Experience with vulnerability management tools;

• Command of frameworks of IIA Internal Audit profession in general and IT in particular (COBIT, NIST, ISO, ITIL, etc);

• Extensive experience in auditing and/or executing pen tests;

• Desirable Internal Audit and Information Security professional certifications (CIA, CISA, CISSP, CISM, CEH, GPEN…);

• Previous experience in Big 4 Company and knowledge of Retail Industry are a plus.

Education: Completed higher education degree in Computer Science, Management Information Systems (MIS), Information Security/Cybersecurity, Data Processing or Systems Analysis;

Seniority: Minimum 07 years of experience in the field of IT Audit, IT Risk Consulting, IT Risk Management,

Language:  Fluent in English & Vietnamese

Office skills: Excel, Power point, and MS word