Assistant Manager, SOX IT
Life at Grab
At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.
Get to know the Role:
We are looking for a team member to perform SOX Compliance testing over IT General Controls and IT Automated Controls. We believe a successful candidate has ample IT audit and risk advisory experience in the technology industry, but if you believe you have what it takes then we’d love to hear from you either way. In return, you will get an opportunity to apply your expertise and be the internal go-to person on IT risks and controls.
The day-to-day activities:
- Report to the Regional Financial Systems IT Control Partner
- Responsible for ITGC and ITAC SOX Compliance testing and documentation
- Collaborate with SOX team, Finance, Operations, Group Technology Services and Engineering to understand, evaluate and test IT controls
- Assess deficiencies identified, work with stakeholders to identify action plans and follow-up on remediation activities to verify resolution
The must haves:
- A good Degree in Business, Engineering, Information Technology (IT) or related disciplines with IT focus (additional Accounting qualification a plus)
- 3-6 years of IT audit and risk advisory experience (including Sarbanes-Oxley)
- Proven track record in assessing IT General Controls (access management, system lifecycle and change management processes, networking, operating systems, databases, software, information security, disaster recovery)
- Excellent analytical ability to understand business issues associated with IT processes and related risks and controls, identifying root causes and recommending solutions
- Strong verbal and written communication and presentation skills
- Proficiency in productivity tools (Google suite, email, calendar, Word, Excel, PowerPoint).
- Ability to think on your feet and work independently in a fast paced start-up environment.
Experience and knowledge in the following:
- IT Audit and Control experience in Big 4 or leading organisations, with a focus on the technology and/or online Internet economy sector
- Strong understanding of SOX 404, or other control requirements (Eg. MAS TRM)
- Knowledgeable with current industry standards such as COBIT
- Demonstrated ability to follow through and complete tasks within tight deadlines
- Knowledge and understanding of internal controls, IT security controls risks assessment, management and governance, fraud, auditing techniques and methodologies
- Strong technical competencies and capabilities in audits of infrastructure, network and applications of different platforms managed by different departments or teams.
- Able to work independently, a good team player and resourceful with good interpersonal and communication skills.
- Strong confidence for interaction with key stakeholders.
- Candidates with the above attributes and with CISA / CISSP certification, data analytics and/or data science capabilities would have strong advantages.
- International exposure (US & APAC)
We are committed to building diverse teams and creating an inclusive workplace that enables all Grabbers to perform at their best, regardless of nationality, ethnicity, religion, age, gender identity or sexual orientation and other attributes that make each Grabber unique.
For further information, and to apply, please visit our website via the “Apply” button below.
Candidates must be resident in Malaysia, or have the right to work in Malaysia.