Senior Consultant (IT Auditor)

Discover your 100% YOU with us!

Position: Senior IT Auditor and Cybersecurity Consultant
Location: Eastwood, Quezon City
Work setup & shift: Hybrid (3x onsite / 2x wfh) l Dayshift

Why join us?

You'll have:

Competitive Rewards: Enjoy above-market compensation, healthcare coverage on day one, plus one or more dependents, paid time-off with cash conversion, group life insurance, and performance bonuses
A Collaborative Spirit: Contribute to a positive and engaging work environment by participating in company-sponsored events and activities.
Work-Life Harmony: Enjoy the balance between work and life that suits you with flexible work arrangements.
Career Growth: Take advantage of opportunities for continuous learning and career advancement.
Inclusive Teamwork: Be part of a team that celebrates diversity and fosters an inclusive culture.


Join our multinational network of accounting firms, forming the sixth-largest accountancy professional services network in the world by revenue.

Your Role:
As a Senior IT Auditor and Cybersecurity Consultant, you will:

Perform IT / Cyber / Business Continuity / technology risk assessments, technical security related reviews, assess the effectiveness of processes/controls and risks related to third party organisations.
Executing and completing individual IT, cyber security and resiliency audits and special project reviews relating
to various applications, IT infrastructure and other relevant IT domains.
Conducting independent risk-based IT, cyber security and resiliency assessments to assess the adequacy and
effectiveness of internal controls, the reliability and integrity of the client’s business and IT systems.
Leasing consulting and audit engagements simultaneously with numerous engagement team members per
audit, including assisting with planning, execution and scheduling staff.
Undertaking or arranging to undertake special consulting or other reviews as required. These may include
system software reviews, new system development technical evaluations, post implementation reviews,
contingency planning reviews, logical / physical access reviews and installation reviews.
Assist in the planning of client deliverables (i.e. strategic internal audit plan, scope documents).
Responsible for the execution of fieldwork and documentation of findings (i.e. maintain the audit file).
Providing IT general controls and application controls audit support to external audit.
Determining the objectives, scope and extent of each audit and ensure that the audit is professionally and
efficiently completed within deadlines.
Assist in business development activities of the firm.
Coordination with other divisions.
Address technical issues and assist in preparing technical position papers.
Undertaking development of team members.
Assisting with management and co-ordination of the audit team including training, mentoring and methodology compliance.
Identifying opportunities for improvement to operational efficiencies and effectiveness.
Maintaining appropriate and adequate documentation for each audit to a standard as required by auditing
standards.
Identification of findings and issues, and assisting in the drafting of client reports and discuss with relevant management as required.
Liaising, and presenting audit results to information system staff and client management.
Remaining abreast with technological enhancements in auditing and IT.

What You Need:

Minimum 5 year’ Professional Services experience in Cyber / IT technical delivery, Business Continuity, IT audit, internal controls, or risk management.
Experience performing security risk assessments, testing or auditing of cybersecurity or information security standards or governance frameworks (e.g. one or more of COBIT, NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PCI DSS, CIS Critical Security Controls Top 20, PSPF, Australian Government Information Security Manual, VPDSS, ISO/IEC 27001, Cloud Security Alliance Guidance, Australian Privacy Principles, GDPR).
Experience with leading engagements on Business Continuity (BCP), IT Disaster Recovery (IT DRP), assessment of recovery plans for critical applications and systems, Incident management as well as review against frameworks such as ISO 22301, BS 25999
Experience in performing engagements where teams are completing various technical testing assessments and be able to translate technical findings and articulate recommendations for non-technical client staff.
Demonstrated knowledge of control best practices in IT general controls and applications.
Must be amenable to a hybrid setup at our Harton, Parañaque / Eastwood, Quezon City office. First month is onsite for training.
Can start ASAP