IT Internal Auditor

Location:

Thailand - Bangkok, Thailand

Company: Gulf Group

Job Position

Perform risk assessments for new or existing information technology and operational technology systems.
Plan and develop audit programs according to the audit scope and objectives of information technology and operational technology frameworks such as IT General Controls, NIST, ISMS, or COBIT.
Evaluate the adequacy and effectiveness of internal controls for information technology and operational technology throughout the company’s business processes.
Perform follow-up audits on the findings identified in audit reports.
Utilize relevant information technology standards and methodologies to improve the effectiveness of GRC processes.
Perform other duties as assigned.

Bachelor’s degree or higher in Information Technology, Computer Science, Computer Engineering, Management of Information Systems (MIS), or related fields.
Minimum of 2 years’ experience in IT Internal Audit, IT Risk Management, or IT Security.
Solid understanding of Network Security fundamentals and Operational Technology (OT) Security concepts.
Active interest in technology with a growth mindset; regularly follows AI news, tools, and digital trends.
Strong knowledge of IT Audit standards, IT Security frameworks, and relevant laws/regulations.
High professional integrity, independence, and ability to maintain strict confidentiality.
Strong analytical thinking with the ability to write logical reports, present findings, and provide effective consulting/recommendations to stakeholders.
Experience in testing IT controls (e.g., IT governance, cybersecurity, ISO 27001, ISO 27701, SDLC) is highly desirable.
Prior experience as an IT Auditor from a Big 4 firm is an advantage.
Professional certifications such as CISA, ISC2, or equivalent is an advantage.
Ability to travel/work upcountry and abroad.
Fluent in English both written and verbal (Minimum 750 TOEIC score).
Goal–Oriented, Unity, Learning, Flexible