某外资新兴智造产业，前景广阔

The Internal Audit team's mission is to call attention to risks and drive actions to address those risks to protect Comany. The team partners with business, IT, Security and Privacy, and engineering groups to identify areas of risk, make valuable recommendations on standardization of processes and controls, and influence changes and decisions.
We are seeking an experienced Sr IT Internal Audit Program Manager to join our expanding Internal Audit team. This position is responsible for the strategic expansion of the IT Audit team in Shanghai; leading complex activities in the areas of Information Security, Data Privacy, Program Development, and Financial/Operational Risk Management.
Responsibilities
· Build and grow strong relationship with senior management. Manage management requests regarding internal control assessments, process and procedure evaluations, special investigations and internal control education.
· Interact extensively with IT, InfoSec, and Engineering teams and be comfortable planning and executing technical projects in areas of information security, data privacy, and product/system implementation reviews.
· Assist continuous risk management and oversight functions by staying apprised, engaged, and trained in emerging technologies and technology risks which feed into the development of IT risk assessments and audit programs
· Take on complex challenges while being able to clearly articulate the problem statement and tactical plans/recommendation to management stakeholders.
· Make recommendations for improvement of the control environment through audit and technical transformation assessments while managing the follow-up activities for remediation of issues identified.
- Understand applicable laws and regulations to provide a point of view on audit requirements related to information security and privacy controls.
· Utilize data analysis techniques and audit software to evaluate and monitor IT and operational risks.

Qualifications
· 10+ years of IT Audit experience from public accounting (Big 4 preferred) and/or internal audit, information security teams.
· Bachelor’s degree in MIS, Computer Science, or related field or equivalent experience.
· At least one professional certification required such as CISA, CISSP, GPEN or other applicable professional certification.
· Strong understanding of technology processes (e.g. change management, access security, computer operations) and application controls for end users and back office operations.
· Technical proficiency in areas such as ERP, Infrastructure, Cybersecurity, Databases, SaaS.
· Advanced understanding of internal control and the demonstrated ability to evaluate and determine the adequacy of controls by considering business, IT and infrastructure risks.
· Strong project management and organizational skills, with the capability to work on multiple projects with minimal direction.
· Familiarity and understanding of major professional audit frameworks, cybersecurity laws and regulations (NIST, ISO 27001, ITIL, COBIT, PCI-DSS, etc.).
· Leadership skills (ability to take charge, confidence to interact with all levels, set objectives, drive results, and a team player).