Crawford & Co.

GBSC- IT Internal Audit Risk-Based Manager

Job Locations PH-Manila
Posted Date 2 months ago(19/1/2023 4:59 AM)
Requisition ID
# of Openings
Information Technology



Performs and manages multiple, concurrent engagements to assess systems and processes relevant to the Company’s use of technology and communications to support business operations and activities. Performs complex audits in designated areas of the organization to identify risk and assist management with recommendations to manage risk, which are presented to Company Management. Will serve as the project leader on standard audits, the senior member of large-scale audits, or conduct complex audits independently.


Job Scope

  • Oversees efforts for multiple concurrent engagements, with varying degrees of complexity, in accordance with department standards.
  • Builds effective relationships with business partners and senior management worldwide to stay abreast of activities within the Company’s operations for consideration in risk assessment exercises and audit planning activities.
  • Contributes to the development of the annual Internal Audit plan and engagement-specific scoping using a risk-based approach.
  • Exemplifies command of IT subject matter, including identification of relevant risk and controls.
  • Defines engagement scope and objectives, designs work programs, develops, and delivers management communications, and executes work programs, as needed.
  • Designs strategies and work programs for evaluating domestic and international processes that affect cybersecurity controls.
  • Executes work programs including the gathering, testing, evaluation, and documentation of results, conclusions, and recommendations according to department standards.
  • Articulates the results of engagement work verbally and/or in writing to audit clients.
  • Supports department leadership in responding to Company management queries relating to the control environment and participates in investigations activities when directed by department leadership.
  • Coaches, trains, and monitors audit staff assigned providing appropriate oversight and guidance related to testing strategy, auditing technique, and sampling methodology throughout the audit cycle. Reviews the work of staff for adequacy of approach and support for engagement results and reporting.
  • Identifies and implements ideas for applying technology to increase the overall efficiency of engagements, while maintaining quality and soundness of work product.
  • Identifies and implements ideas for improving department processes and procedures.
  • Collaborates with cybersecurity team and internal compliance functions as well as other internal parties to help minimize business disruptions related to department activities.
  • Performs other job responsibilities and duties as assigned by department leadership.
  • Upholds the Crawford Code of Business Conduct and Ethics.

Functional Knowledge

  • Bachelor’s degree in a relevant field including Information systems, systems analysis, or internal audit
  • At least (3) years or more years of cybersecurity audit experience
  • 3 years of cybersecurity audit experience or audits in areas such as, but not limited to Cloud Computing, Project Governance, BCP/DR, Vulnerability Scans, Penetration Testing, RPA, Data Governance and Systems Migration.
  • Knowledge of Information Security Frameworks like NIST, CIS, ISO2700X-series.
  • Strong knowledge and application of The Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing and Information Systems Audit Framework.
  • Strong project management abilities with relevant experience as auditor-in-charge of IT audits.
  • Experienced in audit report writing and presentation of results to client.
  • Certifications such as CISA, CISSP, CRISC, OSCP or CEH required.
  • Advanced degree in Information Systems related field is a plus.
  • Excellent oral and written communication skills as well as interpersonal skills.
  • Pursues professional self-development and stays abreast of emerging trends and leading practices in information technology, auditing, risk management and auditing fields through continuing education, seminars, review of professional journal and self-study programs in the areas of management, accounting, auditing, and information technology.
  • May require domestic and international travel.
  • Keen attention to details
  • Ability to multi-task, prioritize and manage time effectively
  • Interpersonal skills - Able to work independently and as a team member
  • Maintains high degree of professionalism and confidentiality




Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.