Senior IT Auditor

Let’s be #BrilliantTogether

Overview

ISS STOXX is growing! We see self-motivated Senior IT Auditor who will be responsible for executing end-to-end audit engagements that assess the control design adequacy, operational effectiveness of the organization’s Information Systems and Technology environment. This role requires extensive audit experience, strong knowledge of IT processes and controls, and familiarity with relevant IT frameworks.

Responsibilities

• Conduct information technology (IT) audit reviews by developing engagement audit strategy and approach, crafting work programs and procedures, conducting actual testing, communicating audit results, and providing value-add recommendations

• Works independently on assigned IT audits and projects with minimal management oversight and guidance

• Effectively communicate audit issues and related recommendations in both technical and non-technical terms to IT, Application Development, and Senior Management

• Prepare clear, evidence-based audit reports, presenting findings to audit clients in a professional and constructive manner, and providing practical, risk-focused recommendations that strengthen IT controls, improve compliance, and enhance operational resilience

• Participate in annual audit planning and risk assessment process by assisting in the maintenance of audit universe, collaboration with IT and Development groups to understand the IT environment and assess associated risks and establishing a robust IT Audit plan

• Maintain awareness of changes in IT industry standards, best practices, and risk landscape to maintain professional competence

• Advise and collaborate with key stakeholders regarding IT Risk, internal controls, and process improvement opportunities

Qualifications

• Bachelor’s degree in Accountancy /Finance/ Computer Science/ Information Systems or related field

• Minimum of 7 years work experience in IT audit or other relevant experience (e.g., IT Governance/ Information Security/ IT Compliance / IT Risk)

• Working knowledge on the following IT-related processes: a) IT General Controls; b) Cyber/ Information Security and Data Privacy; c) IT Operations; d) IT Governance and risk management process; e) Business Continuity Management; f) Systems Development Life Cycle; g) Change Management; h) IT Application Controls

• Familiarity with IT control frameworks and standards such as COBIT, ITIL, NIST-CSF, and ISO 27001

• Demonstrated success in identifying IT and security risks in a complex technology environment and providing recommendations on controls/processes to mitigate the risks

• Proficient in MS Office and experienced in navigating common ERP or CRM systems

• Well-developed organization and project management skills with proven ability to effectively manage time, prioritize, and handle multiple concurrent tasks

• Good written and verbal communication skills, ability to communicate from process owners to senior management

Experience working with any of the following would be a plus:

• With professional certification in IT audit, IT risk and governance, and information security (e.g. CISA/ CISSP/ COBIT5/ ISO 27001 Lead Auditor/ CRISC)

• Audit experience in Financial Services industry (global firm or shared service set-up)

• With audit firm experience in Risk/ IT Advisory services

• Working knowledge of SOC1, SOC2 and/or data privacy reviews

• Experience in development, integration, and application of data analytics in audit methodology

• Experience in annual audit planning exercise

• Working knowledge of one or more cloud environments (AWS / Azure / GCP)

• Highly proficient in Excel, with strong ERP and CRM background and knowledgeable in the use of any audit analytics tool (ACL/ IDEA/ Power BI/Tableau)

Work Location & Schedule:

• Amenable to work in a morning shift (8: 30 am- 5:30 pm, Manila Time) at Makati City

• Amenable to work in a hybrid work arrangement (Mondays to Fridays; at least 3 days onsite work per week)

#LI-NS1

#ASSOCIATE

#Finance

What You Can Expect from Us

At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally.

Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success.

Let’s empower, collaborate, and inspire.

Let’s be #BrilliantTogether.

About ISS STOXX

ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit. 

Visit our website: https://www.issgovernance.com       

View additional open roles: https://www.issgovernance.com/join-the-iss-team/      

Institutional Shareholder Services (“ISS”) is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as “protected status”).  All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.