Risk & Audit Senior
Our client is a leading organisation committed to maintaining high standards of technology governance, security, and compliance. They foster a collaborative and professional work environment where expertise and integrity are valued. This role involves providing expert advice across multiple technology domains, conducting risk assessments, leading IT audit processes, and supporting key business initiatives. The position is vital for ensuring the organisation’s compliance with regulatory requirements and internal policies, contributing to the overall security and resilience of their operational infrastructure.
Role Overview:
The Risk & Audit Senior plays a crucial role within the organisation's internal audit and risk management team. They are responsible for delivering high-quality risk assessments, leading IT audits, validating issues, and providing governance insights. Their expertise supports the organisation’s efforts to uphold regulatory compliance and manage complex control challenges effectively.
Key Skills & Experience:
• Over 5 years of IT audit experience, including auditing IT systems, infrastructure, and processes
• Bachelor's degree or equivalent professional experience, preferably in Technology or related fields
• Relevant certifications such as CISA, CISSP, CRISC, CEH, or CGEIT are highly desirable
• Familiarity with ISO standards (e.g., ISO27001, ISO9001) is advantageous
• Strong knowledge of cybersecurity controls, including vulnerability and patch management, malware protection, data loss prevention, intrusion detection, crisis management, and incident response
• Experience with data governance, technology infrastructure security, change management, application development, production management, and cloud environment audits
• Practical experience with data analytics and a good understanding of source code is beneficial
• Flexibility to undertake additional assignments and willingness to travel 30–50% of the time
Key Responsibilities:
• Provide subject matter expertise across technology domains, including Infrastructure, Applications, Cybersecurity, Resilience, Governance, and Compliance
• Conduct risk assessments, business monitoring, and audit execution, ensuring timely delivery of audit reports
• Lead and execute IT audit processes, validate issues, and offer governance insights
• Support key initiatives by offering proactive advice on change projects and technology implementations
• Develop and contribute to management action plans by identifying practical solutions to complex control challenges
• Review audit findings, recommend corrective actions, and present innovative risk and control solutions
• Assess risks to inform business decisions, ensuring adherence to applicable laws, regulations, and policies
• Uphold ethical standards and manage reportable control issues transparently
Requirements:
• Bachelor’s degree or equivalent professional experience in Technology or related fields
• Over 5 years of IT audit experience with exposure to IT systems, infrastructure, and processes
• Relevant certifications such as CISA, CISSP, CRISC, CEH, or CGEIT highly desirable
• Knowledge of ISO standards (e.g., ISO27001, ISO9001) is a plus
• Willingness to work onsite at the organisation’s location
• Ability to travel 30–50% of the time
Candidates are invited to apply by sending their CV, with the job title as the subject line, to T.Wong@GravitasGroup.com.
