ACCA Careers Hiring! Full Time Manager, Risk Consulting (IT Audit) in Federal Territory - Ricebowl

Manager, Risk Consulting (IT Audit)

ACCA Careers

Undisclosed

KL City, Federal Territory

Working Location

  • Kuala Lumpur Federal Territory Malaysia

Job Description

Responsibilities

Role Overview

The IT Audit Manager for Cybersecurity, Vulnerability Assessment and Penetration Testing is a senior individual contributor and team lead responsible for driving a risk-based technology audit programme. The role provides independent assurance over our client’s cybersecurity posture, information security controls, vulnerability management lifecycle, and compliance with ISO/IEC 27001:2022 and applicable regulatory frameworks.

Key Responsibilities

  • Develop and execute a risk-based annual IT Audit Plan covering cybersecurity domains, emerging threats, and regulatory requirements.
  • Lead end-to-end audit engagements from planning through to reporting, including scoping, fieldwork, evidence collection, and remediation tracking.
  • Perform technical reviews of security architectures, network configurations, access controls, cloud environments, and third-party integrations.
  • Assess the organisation's cybersecurity programme against frameworks such as NIST CSF, CIS Controls, and ISO/IEC 27001.
  • Plan, execute and oversee VAPT engagements covering network infrastructure, web applications, mobile applications, and cloud environments.

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, Information Systems, or a related field.
  • Possess related professional certifications such as CISA, CEH, OSCP, CISM, CISSP, etc.
  • Minimum of 6 years of progressive experience in IT audit, cybersecurity, or information security assurance, including at least 3 years in a supervisory or managerial role leading IT audit or security teams.
  • Demonstrated hands-on experience in conducting or overseeing VAPT engagements (network, web application, and cloud).
  • Experience in financial services, banking, telecommunications, or regulated industries is preferred.
  • Proficiency with penetration testing tools such as Metasploit, Nmap, Burp Suite, Nessus, Qualys, OpenVAS, Nikto, OWASP ZAP.
