Job Purpose Assist the Head of Internal Audit in planning and executing risk-based IT and Operational audits covering infrastructure, applications, cybersecurity, and data governance. The role includes supporting operational audits with IT-related controls and assisting in statutory audits, including those conducted by Jabatan Audit Negara (JAN), to ensure overall compliance and governance across the organisation. Key Responsibilities Lead and execute the annual IT audit plan aligned with the organisation's strategic risk profile and internal audit priorities. Conduct audits on IT general controls (ITGC), application controls, cybersecurity, change management, cloud services, and system development projects. Review end-to-end technology processes supporting financial reporting, procurement, grants, HR, and operations. Participate in routine operational audits to assess controls within key business processes. Identify control gaps, analyse root causes, and propose practical recommendations for remediation and risk mitigation. Prepare high-quality audit documentation, findings, and reports in accordance with IIA standards and GLC governance expectations. Perform follow-up reviews to validate implementation of agreed corrective actions. Liaise with internal stakeholders and system owners to facilitate effective audit execution and resolution of Operational and IT-related risks. Assist in audits conducted by Jabatan Audit Negara (JAN) by coordinating data requests, facilitating system walkthroughs, and addressing audit queries in collaboration with other departments. Guide and supervise junior auditors in Operational and IT-related assignments, reviewing their work for quality and compliance. Maintain current knowledge of emerging technology risks, GLC governance requirements, and relevant statutory guidelines. Requirements Bachelor's Degree in Computer Science, Information Technology, Information Systems, Cybersecurity or related field from a recognised institution. Professional certification such as CISA (preferred), with additional credentials like CRISC, CISM, or CIA considered an advantage. 3-5 years of relevant experience in IT audit, technology risk or governance, preferably within a GLC, regulated entity or with exposure to Jabatan Audit Negara audits. Proficient in IT audit and governance frameworks (e.g. COBIT, ISO 27001), enterprise systems (e.g. SAP, ERP), and data analytics tools. Willing and able to perform operational and IT Audits to support key business processes. Strong analytical thinking, communication, and report-writing skills, with the ability to engage stakeholders across functions. Demonstrates high integrity, professional objectivity, and the ability to manage assignments within deadline set. Show more Show less