Internal Controls Manager - ITGC Focus

About The Position

Requirements

• CISA certification (mandatory); additional certifications like CISSP, CRISC, or CIA are a plus.
• 7+ years of experience in IT audit, internal controls, or risk advisory.
• Deep understanding of ITGC domains: access controls, change management, operations, SDLC.
• Experience with control frameworks: COSO, COBIT, NIST, ISO 27001.
• Strong knowledge of ISAE 3402, SOX 404, and financial reporting controls.
• Familiarity with ERP systems (SAP, Oracle) and cloud platforms (Azure, AWS, GCP).
• Excellent stakeholder management and communication skills.

Nice To Haves

• Experience in control automation and data analytics (e.g., Power BI, Alteryx).
• Exposure to cybersecurity controls and IT risk assessments.
• Experience in regulated environments (e.g., financial services, asset management).
• Project management and change management experience.
• Experience of Fund Accounting / Administration systems (e.g. FIA, Yardi, Investran).

Responsibilities

• Lead the design, implementation, and continuous improvement of ITGC frameworks aligned with COSO, COBIT, ISAE 3402 and SSAE 18 standards.
• Act as SME for ITGC and CISA-related topics across the group and client engagements.
• Advise clients on IT risk management, control automation, and audit readiness.
• Support the Head of Internal Controls in developing new IT-focused control services.
• Oversee ITGC testing and walkthroughs, including access management, change management, backup and recovery, and system development lifecycle (SDLC).
• Coordinate with internal and external auditors on ITGC scope, testing, and remediation.
• Lead control assessments for ERP systems (e.g., SAP, Oracle) and cloud environments.
• Monitor and report on control deficiencies, remediation plans, and control effectiveness.
• Ensure compliance with SOX, ISAE 3402, SSAE 18, ISO 27001, and other relevant standards.
• Maintain up-to-date documentation of ITGC controls, risk assessments, and audit trails.
• Support segregation of duties (SoD) reviews and user access certifications.
• Experience in change management, particularly in the context of IT systems and control environments.
• Proven track record in implementing new systems, including ERP platforms, cloud-based solutions, and control automation tools.
• Strong involvement in digitalisation initiatives, with a focus on improving control efficiency, data integrity, and audit readiness.
• Participation in or leadership of transformation projects, such as process reengineering, control maturity assessments, and automation of manual controls.
• Ability to identify and deliver continuous improvement opportunities across ITGC and broader internal control frameworks.
• Comfort working in project-based environments, collaborating with cross-functional teams including IT, Finance, Risk, and Compliance.

Benefits

• Training to support ongoing development and for relevant technical knowledge.
• Further training for relevant technical knowledge and other management and leadership skills necessary to excel in the role.