Senior Specialist IT Risk Management And Controls

Agoda

• The Opportunity:

The Senior Specialist of IT Risk and Controls is a critical role on a global scale. The scope of this role will include both tactical oversight of IT SOX compliance efforts day to day, as well as supporting broader development of risk mitigation strategies for the organization. This role requires a dynamic, fast learner with sharp business instincts and the foresight to identify risks early in any project. They must also build trust with stakeholders to earn influence and proactively manage potential risks.

As the Senior Specialist of IT Risk and Controls, your business partnering role will span the entire range of functional areas such as Product, Information Technology, Marketing, Pricing, Partners Services, Customer Services, including various functions of the Finance team. In addition, you will work closely with IT/Product teams to understand and advise on the IT control design framework to ensure overall SOX compliance and appropriate business risk management.

In this Role, you ll get to:

• Support the delivery and maintenance process end-to-end, internal control documentation and other documents for the IT domains.
• Facilitate design reviews and complete control impact assessments for new business initiatives.
• Provide effective and valid input from risk and control perspective to process owners/management.
• Help ensure no high-risk rating or significant deficiencies, or any unexpected audit findings. Co-ordinate with audits for both Internal and External audit teams
• Support facilitation of SOX and Control training sessions for business partners.
• Support risk assessment frameworks in areas such as new product reviews
• Analyze (and/or design) IT SOX controls supporting business processes and other compliance topics to identify risks and control weaknesses
• Provide guidance and support to your business partners (e.g., process owners) in designing and implementing appropriate controls to strengthen the control environment and mitigate risks
• Assist in the implementation of, and ongoing compliance with the Booking Holding Group ERM Framework (Based around COSO 2017)
• Work to mitigate and remediate identified deficiencies with the business in a timely manner.
  
  

What you ll Need to Succeed:

• Bachelor s degree preferably in Business Informatics, Information Technology field.
• Excellent knowledge of auditing various business & IT operations and risk-based auditing attained through 5+ years of progressive work experience.
• Previous experience in SOX compliance and/or technical compliance role; experience in setting up and operating Enterprise Risk Management programs a plus
• Expertise of ITGC concepts (especially SOX & COSO) and understanding how they fit into the overall Control Landscape.
• IT Sox Management experience highly preferred, E-commerce or travel industry experience a plus
• Ability to work independently, productively and part of a team
• Strong Communication Skills with fluency in English.
• Proficiency in MS Office (Word, Excel, PowerPoint) and Visio
  
  

It s Great if you have:

• Certified Information System Auditor (CISA), or similar designation.
• High level of integrity is a MUST
• An eye to spot control risks with an intuition of risk prioritization
• Curious, creative and innovative, particularly in design proper controls without stiffening the business growth
• Flexibility to adapt to an ever-evolving and dynamic work environment
• Self-starter with strong sense of responsibility
• Quick thinker and confident in decision making
• Process, problem solving and action orientated mindset
• Good analytical skills with strong attention to detail
• Strong communication and relationship building skills
• Professional get it done attitude and strong work ethics