Skip To Content

Senior/Lead IT Auditor

  • Localização
    • Shanghai, Shanghai
  • Agendar Full time
  • Postou


- Support the Audit Director and Manager in ensuring the development and execution of a comprehensive program of audit work. This includes leading or participating the development of an annual risk assessment and audit plan, and the planning, scoping and testing work of individual audits

- Ensure audit projects address GM and GMAS key strategic and business objectives based on understanding of appropriate business aspects, risks, potential fraud, and performance

- Draft work papers or review and approve work papers drafted by team members for accuracy, adequate testing coverage, and appropriate documentation

- Lead or contribute to the development of the audit report. Draft audit issues ensuring that the root cause is accurately identified and management action plans are developed that address the root cause

- Manage and provide hands on support to the team members throughout the audit led by you

- Support manager communicate and report audit results with business divisions and VPs, where applicable

- Serve as primary contact for local audit client management during and after the audit

- Ensure the audit management system (STAR) is updated accurately and timely

- Track open Issues/Management Action Plan to ensure proper progress until closure

- Support the development of an effective Continuous Business Monitoring and Risk Assessment Process

- Provide feedback on team members' performance and areas to be improved on time

- Participate in ongoing professional development

- Develop a good understanding of GM operations worldwide

- Build strong relationships to work with the business and other service lines

- Serve as a brand ambassador for ‘One GMAS’

Additional Description

§        Four years or more of professional experience as an IT auditor or other relevant compliance and controls experience

§        Preferred with: Big 4 Advisory Firm audit or risk advisory experience, knowledge of cybersecurity and vehicle cybersecurity, familiar with mainstream security assessment tools, project management experience

§        At least one professional certification (CISA, CISM, CISSP, CIA, Ethical Hacking or other applicable certification)

§        In-depth understanding of IT security, processes and technologies, such as SDLC, OS, DB, network devices, web application security (OWASP Top 10)

§        Highly self-motivated

§        Ability on multitasking

§        Proficient in oral and written English and Chinese

§        Ability to travel up to 30%