Job Description Assist in planning and lead/perform controls assessment/evaluation of IT systems, applications, security and general controls (i.e., assess design and test operating effectiveness) Help develop the IT assurance strategy aligned with the current and future risks Benchmark the IT risk management programs with other businesses and best practices Act as the go between Internal Audit and IT for matters such as information security, change management, access controls, etc. Perform process or operations audits as needed and assist in ad hoc investigations and advisory risk and control services to operational management, as required Progress the data-based risk identification program, where possible and applicable Support the Internal Audit Managers and Head in other areas of promoting good governance and risk management within Petron (and the wider SMC Group, as needed) Establish and promote consistent policies, processes and sharing of best practices Embody, endorse and promote Petron core ethical and governance principles and policies Qualifications Must possess a degree in Accounting/Accountancy, Internal Audit or Information Technology related courses Certified Public Accountant (CPA) or Certified Information System Auditor (CISA) certifications required Must have at least three (3) years IT auditing experience in the Big 4 or in a major local or international organization IT internal audit experience with relevant experience in but not limited to IT general and application controls, IT security and data protection, change management, logical and physical security, back up and disaster recovery, business continuity, and data analytics Good understanding of information security standards and best practices and comprehensive understanding of internal control environment within the IT function Proficient knowledge of internal auditing, IT internal controls and risk management, and working knowledge of finance and accounting practices and methods Strong verbal and written communication skills and ability to communicate effectively with technical and non-technical stakeholders Excellent analytical and organizational skills and strong attention to detail Able to work in a matrix structure with various stakeholders, including senior management Strong relationship building skills and ability to work across all levels of the organization Strong professional and ethical integrity. Show more Show less