Regional Financial Systems IT Control and SOX Lead

Job Description:

Get to know the Role

We are looking for a Regional Financial Systems IT Control and SOX leader to provide Finance Operations and IT advisory on the adequacy of internal controls over financial reporting. We believe a successful candidate has ample IT audit, Sarbanes-Oxley (SOX) and risk advisory experience in the FMCG, Technology/FinTech, and/or Retail industries, but if you believe you have what it takes then we’d love to hear from you either way. In return, you will get an opportunity to apply your expertise and be the internal go-to person on Finance Operations and IT risks and controls.

The day-to-day activities:

Report to the Head of ICSOX

• Define, implement and maintain the internal IT SOX controls framework to ensure compliance with requirements of the Sarbanes-Oxley Act (SOX). This includes efforts around all internal controls over financial reporting (ICFRs) with a focus on IT General Controls (ITGCs) as well as IT Application Controls (ITACs). These will be performed in collaboration with stakeholders including Finance, Operations, Group Technology Services and Engineering.
• Assess deficiencies identified, work with stakeholders to recommend remediation plans/ strategies, and perform validation on remediation actions.
• Handle IT risk and control matters with internal and external parties.
• Perform risk-based assessments, understand, evaluate and advise the business environment and related IT internal controls.
• Coordinate and manage IT audit engagements/ SOX testing (e.g. artifact requests, issue responses) with external auditors.
• Develop and maintain business relations with senior management, and be the trusted risk and controls advisor on IT-related matters.

The must haves:

• A good Degree in Business, Engineering, Information Technology (IT) or related disciplines with IT focus
• Professional certification (e.g., CISA)
• 12-15 years of audit and risk advisory (including Sarbanes-Oxley) experience.
• Excellent command of English
• Proficiency in productivity tools (Google suite, email, calendar, Word, Excel, PowerPoint).

Experience and knowledge in the following:

• Leadership skills, with strong confidence for interaction with senior stakeholders.
• Knowledgeable with current industry standards such as COBIT
• IT Audit and Control experience in Big 4 or leading organisations, with a focus on the technology and/or online Internet economy sector
• Demonstrated track record in leading engagements within a professional services or consulting environment, combined with ability to work in teams effectively
• Strong verbal and written communication skills
• Good presentation skills, both oral and written
• Able to work in a fast paced environment
• Excellent project management skills and a demonstrated ability to follow through and complete tasks within tight deadlines
• Knowledge and understanding of internal controls, IT security controls risks assessment, management and governance, fraud, auditing techniques and methodologies
• Strong technical competencies and capabilities in audits of infrastructure, network and applications of different platforms managed by different departments or teams.
• Able to work independently, a good team player and resourceful with good interpersonal and communication skills.
• Candidates with the above attributes and with CISA / CISSP certification, data analytics and/or data science capabilities would have strong advantages.
• Strong understanding of MAS TRM, or other control requirements (Eg. SOX 404)
• Minimum University Degree in IT (additional Accounting qualification a plus)
• Proven track record in assessing IT General Computer Controls (networking, operating systems, systems software, information security, disaster recovery, system lifecycle and change management processes), conducting project reviews and in performing data analytics and CAATS script writing
• International exposure (US & APAC)