senior it & cloud assurance auditor (regional/global focus).

The ideal candidate will move beyond traditional compliance checks to act as a hands-on Subject Matter Expert (SME), setting up, executing, and defining the future audit protocols for these high-risk, high-value systems across the region. We are building a culture based on technical mastery and direct assurance, rather than rigid hierarchy.

about the job
Cybersecurity Audit Program (Execute/Perform)

• Hands-On Execution: Lead and execute end-to-end technical cybersecurity audits, focusing on every aspect of the control environment, from design effectiveness to operational execution.
• Program Setup: Contribute to the design and implementation of the regional cybersecurity audit program, detection methods, and risk assessment frameworks.
• Policy & Compliance: Assess the proper use of security tools, firewalls, and data leakage prevention (DLP) systems, and ensure compliance with regional APAC regulations.
• Incident Response: Audit the effectiveness of security incident response, breach detection, and reporting protocols.

SAP HANA Audit

• Technical Audit: Plan and perform comprehensive audits of SAP HANA systems, focusing on the integrity of the in-memory database and associated applications.
• Process & Automation: Review the effectiveness of controls embedded within critical business processes (e.g., Treasury, Finance, HR SuccessFactors) that utilize SAP, particularly focusing on process automation and system-driven controls.
• Access Management: Audit user and system-level security, including advanced segregation of duties (SoD) enforcement within the SAP environment.

Cloud Assurance & iCloud Audit Expertise

• Cloud Governance: Define and execute the audit strategy for managing organizational risk arising from public cloud services, including specific expertise in iCloud audit.
• Hybrid Assurance: Differentiate between, and test controls for, internal (corporate-managed), external (vendor-managed), and hybrid cloud deployments.
• Data Risk: Assess controls related to data retention policies, data leakage prevention across APAC regions, and the proper use of encryption and access logs in cloud storage.
• Regulatory Alignment: Evaluate compliance with varying data privacy and security regulations across multiple jurisdictions in the APAC region.

Leadership & Advisory

• Team Contribution: Act as a technical SME resource for the wider Internal Audit team, exchanging knowledge and cross-training on specialized audit areas.
• Management Reporting: Draft high-precision, board-ready audit reports, translating complex technical findings into clear, actionable business recommendations for senior management.
• Pioneer Culture: Actively participate in shaping the open, collaborative culture of the new team; challenging the status quo and bringing forward innovative audit methodologies.

skills and experience required
Minimum 10 to 15 years of progressive experience in IT Audit, Information Security, or a highly technical risk function.

Proven track record of "rolling up the sleeves" and performing deep, technical, hands-on audit work, not just overseeing staff.

Demonstrated expertise in auditing enterprise systems (SAP HANA, S/4HANA, SuccessFactors) and complex cloud/SaaS environments (iCloud, AWS/Azure governance).

A strong portfolio of multiple security/cloud certifications (e.g., CISSP, CISM, CCSK, CISA relevant SAP security certifications) is highly desirable.

whats an offer
This a permanent opportunity for an Senior IT & Cloud Assurance Auditor (Regional/Global Focus), offers a salary range of $ 10,000 to $ 15,000, inclusive of benefits.

To apply online please use the 'apply' function, alternatively you can reach me at
https://www.linkedin.com/in/Oliviatoh-032330132/. (EA: 94C3609 / R22109942)