Back to All Jobs
Manila, Philippines
4 days ago
IT Risk and Assurance Analyst

Just imagine your future with us…

At Aurecon we see the future through a very different lens. Do you?

Innovation, eminence and digital are at the heart of everything we do.  Are you excited about the future?

Are you driven by the opportunity to work on some of the most challenging and complex projects around the world and to learn from the best? We are.

Diversity is at the core of everything we do. We work together to create a culture based on respect, trust and inclusiveness. Our differences are what fuel our creativity.

What will you do?

As the IT Risk and Assurance Analyst, you will support and deliver quality outcomes to the business through the management of IT risks and compliance activities to ensure that Aurecon IT controls are embedded in IT operations and new IT solutions, appropriate and effective, improved as required, and that the IT risks are managed and mitigated to acceptable levels.

Here are the key things you will do to:

Implement and improve the Control Assurance Program, validating compliance of IT technology and processes with Aurecon IT policies and standards, to ensure Aurecon IT environment remains controlled and secure.Act as the primary contact for internal and external audits, coordinate and facilitate auditors’ requests, engage with relevant stakeholders and ensure audits are run smoothly and efficiently.Track audit and other compliance and security remediation activities and organise follow-up meetings as required to ensure they are fully addressed within committed timeframes.Perform IT self-assessments to monitor Aurecon compliance and maturity against its IT policies and standards.Be the Subject Matter Expert for IT compliance and provide advice to IT operations and IT projects.Raise awareness and publicize the requirements stated in the Aurecon IT policies and standards.Assist the business by coordinating responses to bids, prospective client and client IT questionnaires.Perform third party assessments against Aurecon IT policies and standards.Perform third party product assessments against Aurecon IT policies and standards.Ensure the information provided in all activities is of appropriate quality and provided regularly and timely, to ensure timely and accurate reporting.Monitor new regulatory and compliance requirements in the market and propose necessary changes to Aurecon IT policies and standards.Continuous improvement – Collect and propose changes to Aurecon IT policies and standards based on feedback received from internal and external sources, and outcomes of self-assessments and audits. Propose changes to the function’s own processes to improve performance and effectiveness.

What can you bring to the team?

Firstly, you will share our genuine passion for re-imagining engineering and be someone that actively pursues continuous learning to help shape the future. You will also need the following:  

4+ years of experience working in a similar capacityCertified Information Systems Auditor (CISA) or ISO/IEC 27001 Auditor desirableExcellent communication and presentation skills.Strong customer service and collaboration / relationship building skills (both internal and external).Display keen attention to detail.Analytical and methodical.Apply diligence and follow through until objectives are attained.Ability to stay calm, remain focused, show empathy and find mutually agreeable ways forward in situations of conflict.Ability to collaborate and positively influence to maximise outcomes and meet objectives.Ability to work independently.Seek opportunities for continual improvement and provide constructive feedback.Service oriented – the IT Risk and Assurance Analyst delivers services to IT, internal business and external stakeholders.General knowledge of Information Technology such as Active Directory and IT processes such as user access management, backup and recovery, and ITIL processes such as change management, incident management, problem management, service request management, CMDB.Experience in performing IT vendors and product assessments, IT audits, evaluation of IT controls.Ability to analyse and evaluate information, identify key issues and formulate conclusions based on sound, practical, pragmatic judgement, experience and common sense.Demonstrated knowledge of IT Security and Risk Management frameworks such as ISO2700X or NIST CSF.Experience working as an IT/Information security auditor or IT/Information security risk adviserGood knowledge of Excel.

Our Aurecon Attributes describe the types of people we bring together for clients. We don’t expect you to have all eight of the attributes, but one that is unique to you.

Finally, we value that each of our team members brings something different to Aurecon. We look for people who have had a broad range of experiences throughout their career and can demonstrate how they have worked as part of a team to bring ideas to life. Does that sound like you?

About us

We’ve re-imagined engineering.         

Aurecon is an engineering and infrastructure advisory company, but not as you know it!

For a start, our clients’ ideas drive what we do. Drawing on our deep pool of expertise, we co-create innovative solutions with our clients to some of the world’s most complex challenges. And through a range of unique creative processes and skills, we work to re-imagine, shape and design a better future.

We listen deeply and intently, which helps us see opportunities, possibilities and potential that others can’t.

Think engineering. Think again.

Want to know more?

You can learn more about what it’s like to work at Aurecon by visiting the careers section of our website.

If you are intrigued or excited by what you have read, then we want to hear from you. Apply now!

Show More
Save & Apply Later Applying Later... Click to ApplyI AppliedDidn't Apply
Confirm your E-mail: Send Email
Apply for this job
Next Job »
All Jobs from Aurecon
25 Aurecon jobs in Manila 25 Aurecon jobs in PH
Next Job »
Search Jobs Aurecon Apply Later
Processing Unique Jobs for You: