• Perform annual IT risk assessment, proposes and prioritize audits based on risk.
  • Plan, conduct and document risk-based audit of IT functions, processes and underlying IT systems, which evaluate control environment, internal control, security and data integrity.
  • Identify, assess and develop solutions for internal control, security and data integrity issues and make value-added recommendations to reduce cost, improve efficiency in processes and rectify weaknesses in controls.
  • Monitor compliance with Company’s security policies, procedures, and processes as well as federal, state and local laws, regulations and accreditation criteria.



  • Possess or is currently pursuing a Certified Information System Auditor (CISA) certification.
  • Intend to pursue CISA and hold a degree in Computer Science, Management Information Systems, IT, or is a member of Association of Chartered Certified Accountants (ACCA) or Chartered Institute of Management Accountants (CIMA), with 2 to 3 years of IS auditing experience.
  • Experience in general insurance industry is an added advantage.
  • Possess analytical skill and knowledge in Microsoft Office.
  • Proficient in English and Bahasa Malaysia, both written and spoken.