Lead IT Auditor & Tech Risk Expert reporting to the Group Risks & Control Department.
Conduct complex IT audits, advise on cybersecurity and compliance, and drive improvements in IT risk governance.
Responsibilities
As a Lead IT Auditor & Tech Risk Expert, you will play a pivotal role in strengthening the Group’s control environment and technology resilience.
Reporting to the Group Risks & Control Department, you will independently lead complex IT audit engagements while serving as a senior expert on technology risks, cybersecurity, compliance, and governance.
You will join a team that bridges Permanent Control (risk management, compliance, cybersecurity, data protection) and Periodic Control (internal audit), enabling cross-functional work and direct contributions to the Group’s risk governance and long-term stability.
Design, plan, and independently execute IT audit assignments covering the Group's critical systems, infrastructure, applications, cloud environments, and processes.
Assess the robustness of IT controls and test their application: access management, system security, backups and restoration, configuration, business continuity, change management, logging, and more.
Perform in-depth technical tests, analyze root causes, and challenge the operational effectiveness of control mechanisms.
Track the implementation of audit recommendations and remediation plans and evaluate their effectiveness over time.
Collaborate with cybersecurity, compliance, internal control, internal audit teams, and IT to ensure a comprehensive view of IT and operational risks.
Assess alignment of IT practices with internal policies, regulatory requirements (GDPR, NIS2, etc.), and recognized governance and control frameworks (ISO 27001, NIST, COBIT, ITIL).
Identify and analyze technology-related risks affecting data security, availability, integrity, and confidentiality.
Maintain a high level of expertise in technologies, architectures, cyber threats, standards, and audit methodologies.
Act as an internal expert on IT audit, technology security, and risk management topics.
Propose areas of innovation to modernize IT auditing and deepen analytical capabilities.
Requirements
5–8+ years of relevant experience in IT audit, cybersecurity, IT risk management, or technology assurance.
Strong knowledge of IT governance, risk management, and internal control frameworks (e.g., COBIT, ITIL, ISO 27001, NIST).
Solid understanding of IT infrastructure, networks, databases, cloud environments, and cybersecurity principles.
Ability to analyze complex IT systems and identify operational and security risks.
Proven experience conducting IT audits, including planning, testing, and reporting.
Familiarity with regulatory and compliance standards (e.g., GDPR, PCI DSS, NIS2).
Excellent analytical and problem-solving skills with a detail-oriented mindset.
Strong written and verbal communication skills for clear and effective reporting and presentation of audit results.
Ability to work independently while collaborating with IT and business teams.
Degree in Computer Science, Information Systems, Cybersecurity, Engineering, or a related field.
Benefits
Variable bonus
Employee profit-sharing & incentive schemes
Remote work available up to 2 days per week
Online language-learning platform
CSE (employee representative committee) benefits and related perks
CESU vouchers (employee service vouchers) and holiday vouchers
Access to company catering and connected fridges (Foodles, Kumo, Bolk)
Assurance Senior implementing planned audit procedures for clients at EY Guam. Responsible for coordinating audits and maintaining client relationships while ensuring compliance with standards.
Senior Auditor leading audit engagements at EY to improve risk management and governance processes. Collaborating with financial entities to understand operations and delivering quality auditing services.
Auditor I assisting in financial, compliance, and operational audits at BlueCross BlueShield. Conducting audits and recommending corrective actions to improve processes.
Senior Analyst in Audit at Nitro, focusing on continuous auditing and analytics with an Agile approach. Developing data-driven mechanisms to monitor risks and processes effectively.
ISO 27001 Auditor conducting audits based on ISO/IEC 27001 standards at Bureau Veritas. Ensuring compliance and effectiveness of the organization's ISMS with relevant auditing guidelines.
Construction Grants Auditor providing grant compliance expertise on construction projects. Supporting government clients with monitoring initiatives and ensuring adherence to regulations.
Principal Auditor overseeing audit activities for Swiss Re in Asia Pacific, providing assurance to stakeholders. Collaborating with teams to assess risks, controls, and deliver audit insights.
Auditor managing international internal business process audits for EOS Holding. Analyzing compliance, efficiency, and security of operations with reporting responsibilities.
Senior Staff Auditor responsible for audits in Consumer Lending at Capital One. Focusing on operational and compliance audits for the US Card and Auto Finance businesses.
Senior Staff Auditor focused on conducting operational and compliance audit projects at Capital One. Delivering high-quality assurance services and working collaboratively within a dedicated audit team.