Internal IT Security Auditor

Job Title: Internal IT Security Auditor
Contract Type: Permanent
Location: Chiyoda-ku, Japan
Salary: 8000000 - 14000000
Reference: 10609
Contact Name: Vinod Kumar
Job Published: September 13, 2018 09:00

Job Description


Review and analyse the system, processes, risk and controls from the viewpoints of compliance, operations, and financial reporting risk. - Assess and report on Cyber Security control effectiveness in infrastructure and application level. - Recommend and facilitate the control improvement and/or remediation. The ideal candidate should have the work experience in IT audit and/or IT risk management consulting roles. Candidates with up-to-date IT knowledge with the audit or control background may also fit to this role.


Security Control Assessment

- Perform vulnerability testing, risk analyses and security assessments.

- Carry out IS and IT risks assessment to IT controls and processes and define assessment criteria for control enhancement.

Security Control Review & Advisory

- Work with our internal customers and develop the understanding of the IT environment. (process, application, policies)

- Provide control advisory or recommendations for the enhancements which align with the business strategy.

Cyber Security Advisory

- Research and anticipate security alerts, incidents and disasters that may potentially impact our operations.

- Support management in decision making with recommendation to IT control enhancements to improve the defence to cyberattack.

GAP Analysis

- Review IT processes based on company IS Chart of Controls and IPG policies and perform a gap analysis.

- Support IS team and/or business functions to implement actions plan.

SOX Testing on IT Controls

- Plan the testing approach on IT controls in scope for SOX, perform and document the walkthrough and the testing based on the company Instructions.

- Ensure that the controls are in place and operating effectively, or test the remediation's if any deficiencies.

 Collaboration with Internal or External Specialists

- Collaborate with 3rd party specialists or consult with company IS or IPG and recommend on the security plan/strategy.


- A minimum of two years of IT audit, IT risk management consulting, Internal Control, Audit, or similar roles - Fluent in English

- Excellent understanding of IT risk assessment and audit procedures

- Excellent organization skills and ability to manage multiple projects and deadlines

- Energetic, highly motivated, willing to take on challenges, ability to function as a team player or work independently

- University Degree