IT Auditor

Location Bangkok
Job type Permanent
Job reference BBBH32591_1668482081
Salary THB50000.00 - THB100000 per month
Consultant email


  • Support Head of IT Audit to develop an IT Audit Annual Plan based upon an overall IT risk of Bank's universes and existing control status.

  • Assess and review adequacy and effectiveness of controls on IT Governance, IT Services Management Processes supporting IT, business strategy, and operations of the bank e.g. availability management, access management, or IT service continuity management.

  • Conduct review on IT controls required by regulatory e.g. Sabanes Oxley Act, National Credit Bureau, Bank of Thailand, and Securities & Exchange Commission of Thailand, and over management and monitoring of compliance with a range of IT regulations and the Bank's IT policies, standard, and procedures.

  • Provide IT risk advisory services for IT initiatives and conduct new priority audit activities as required by management related to financial services, digital technologies, infrastructure technology, IT control over applications and business processes, IT service management, and IT compliance and regulators.

  • Develop and perform Continuous Control Monitoring (CCM) via programming, script, and method to regularly detect the weakness of control relating to IT risk.

  • Ensure mitigation action of IT residual risks is performed properly as agreed plan with appropriate acknowledgement of management.


  • Bachelor's degree in IT, Information System, Computer Science, Engineering, Accounting, Business Administration or related fields.

  • At least 5 years work experience in IT internal/ external auditor or IT compliance/ IT risk management/ IT security.

  • Experience over the control design and/or implementation over IT risk.

  • Strong testing experience on IT controls e.g. IT governance, Cyber security, ISO27001/27002, SAS70, SDLC and Change management, Network security, Platform security covering configuration management, etc.

  • Good knowledge in IT Audit, IT Compliance, IT Risk or IT Security.

  • Good English communication (both written & verbal). * Preferable certified of CISA or CISSM or CISSP, or other related certifications.