Senior Specialist IT Risk Management and Control
Job description / Role
Employment: Full Time
About Agoda
Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more.Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.
Our purpose u2013 bridging the world through travel
We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.
We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone.
Get to know our team:
Agodau2019s Risk & Control team enables business growth in a sustainable way on a solid foundation by balancing between business growth, innovation and effective controls. Creating the standards and frameworks through which the company understands risks.Supporting the development and design of new products and existing processes through the implementation of appropriate controls. Supporting enterprise level risk management by coordinating internal and external audits. Ensuring that we as a business are meeting our minimum control requirements for key regulations such as SOX, Competition and Consumer Law, Privacy etc.
Be a sounding board and knowledge source on the management of business risk for the business. Making sure we have the right conversations on risk at the right time between the right people.
The opportunity
The Senior Specialist of IT Risk and Controls is a critical role on a global scale. The scope of this role will include both tactical oversight of IT SOX compliance efforts day to day, as well as supporting broader development of risk mitigation strategies for the organization.This role requires a dynamic, fast learner with sharp business instincts and the foresight to identify risks early in any project. They must also build trust with stakeholders to earn influence and proactively manage potential risks.
As the Senior Specialist of IT Risk and Controls, your business partnering role will span the entire range of functional areas such as Product, Information Technology, Marketing, Pricing, Partner Services, Customer Services, including various functions of the Finance team.In addition, you will work closely with IT and Product teams to understand and advise on the IT control design framework to ensure overall SOX compliance and appropriate business risk management.
In this role, youu2019ll get to:
- Support the delivery and maintenance process end-to-end, internal control documentation and other documents for the IT domains.
- Facilitate design reviews and complete control impact assessments for new business initiatives.
- Provide effective and valid input from risk and control perspective to process owners and management.
- Help ensure no high-risk rating or significant deficiencies, or any unexpected audit findings.
- Coordinate with audits for both internal and external audit teams.
- Support facilitation of SOX and control training sessions for business partners.
- Support risk assessment frameworks in areas such as new product reviews.
- Analyze and/or design IT SOX controls supporting business processes and other compliance topics to identify risks and control weaknesses.
- Provide guidance and support to your business partners (e.g., process owners) in designing and implementing appropriate controls to strengthen the control environment and mitigate risks.
- Assist in the implementation of, and ongoing compliance with the Booking Holdings Group ERM framework (based around COSO 2017).
- Work to mitigate and remediate identified deficiencies with the business in a timely manner.
- Bacheloru2019s degree preferably in Business Informatics, Information Technology field.
- Excellent knowledge of auditing various business and IT operations and risk-based auditing attained through 5+ years of progressive work experience.
- Previous experience in SOX compliance and/or technical compliance role; experience in setting up and operating Enterprise Risk Management programs a plus.
- Expertise of ITGC concepts (especially SOX and COSO) and understanding how they fit into the overall control landscape.
- IT SOX management experience highly preferred, e-commerce or travel industry experience a plus.
- Ability to work independently, productively and as part of a team.
- Strong communication skills with fluency in English.
- Proficiency in MS Office (Word, Excel, PowerPoint) and Visio.
- Certified Information System Auditor (CISA), or similar designation.
- High level of integrity is a must.
- An eye to spot control risks with an intuition of risk prioritization.
- Curious, creative and innovative, particularly in designing proper controls without stiffening the business growth.
- Flexibility to adapt to an ever-evolving and dynamic work environment.
- Self-starter with strong sense of responsibility.
- Quick thinker and confident in decision making.
- Process, problem solving and action orientated mindset.
- Good analytical skills with strong attention to detail.
Company Industry: Charity / Non-profit / NGO
Apply Now