EY Information Security Audit Manager Mandarin Speaking 

Philippines, Taguig 

834019161

The primary function of the Information Security Audit Manager is to assist in planning and performing IT-related audit procedures. The role requires applying IT-related data analytics and security controls knowledge to deliver high quality engagements, addressing financial, operational and compliance risks and

Your key responsibilities

• Liaise with internal auditors, external auditors, vendors and outside consultants as necessary for independent security audits
• Interact with control owners to understand and document the ITGC and other security controls place for key infrastructure and applications
• Document security controls based on the information provided by control owners
• Understanding the data flows between system and advising business on appropriate IT controls to implement
• Collect and monitor progress of auditor’s evidence collection
• Work with stakeholders to document corrective actions, assess risk

and track remediation and report progress

• Identify risks and escalates potential project issues to management as required
• Monitor remediation activities and assist teams with addressing security findings

Skills and attributes for success

• Experience in IT and application audits
• Working knowledge of common control frameworks like COBIT
• Strong English language skills are required – written and verbal
• Good time management, interpersonal, communication, organizational, and decision-making skills
• Fluency in MS Office (Word, Excel, PowerPoint)

To qualify for the role, you should have:

• At least 5 years of work experience applying relevant IT audit skills in audit engagements
• At least 3 years of experience in a supervisory/managerial capacity leading IT audit
• At least 3 years of experience as the supervisory senior/manager responsible for all of the following:
  - Supervising audit professionals performing IT general controls
  - Audit quality inspection processes, including internal and/or external inspection processes.
• Maintain awareness of the current security threat landscape and information security frameworks (ISO27001, SOC 1 and SOC 2)
• Thirst for knowledge and desire to develop your career
• Ability to team well with others to facilitate, schedule, and coordinate required audit activities
• CISA, CIA, CISSP or CISM certification is a plus
• Ability to speak in Mandarin will be a plus

What we offer

• Continuous learning:You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you:We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership:We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.