Portfolio Company Careers

Discover opportunities across our network of values-driven companies!
Sovereign’s Capital
Sovereign’s Capital

IT Audit Manager, SOX



Petaling Jaya, Selangor, Malaysia
Posted on Tuesday, April 23, 2024

Company Description

About Grab and our workplace

Grab is Southeast Asia’s leading superapp. We are dedicated to improving the lives of millions of users across the region by providing them everyday services such as deliveries, mobility, financial services, enterprise services and others. More than that, we provide the opportunity for them to have a better life. And that aspiration starts inside Grab because we believe in a seamless blend of work and home life, making every aspect of life better for all.

Guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles—the 4Hs: Heart, Hunger, Honour and Humility—we work to create economic empowerment for the people of Southeast Asia. With our unwavering commitment to our values, we believe that we're more than a service provider; we're agents of positive change.

Job Description

Get to know our Team:

The SOX team is responsible for:

  • Ensuring the Group’s compliance with SOX regulations, and good internal control practices
  • Ensure financial policies, processes and controls in place, and operating effectively
  • Safeguarding of company assets through mitigating financial risks & exposures
  • Continuous improvements on financial operation through implementing innovative solutions

We make an impact by working with multiple business stakeholders to understand and improve internal controls. Our team is made up of intellectually curious professionals who are keen to apply their knowledge and experience in a dynamic setting. If you are looking for the opportunity to shape the control environment at a fast-paced and dynamic technology firm, then you should join our team!

Get to know the Role:

We are looking for an IT Audit Manager (SOX) to provide IT advisory on the adequacy of Internal Controls Over Financial Reporting (ICFR). We believe a successful candidate has ample IT audit and risk advisory experience in the technology industry, but if you believe you have what it takes then we’d love to hear from you either way. In return, you will get an opportunity to apply your expertise and be the internal go-to person on IT risks and controls.

The day-to-day activities:

  • Reports to the SOX Senior Manager
  • Assist in SOX scoping and risk assessment activities
  • Provide timely updates on progress of SOX walkthrough and testing activities, deficiencies identified and escalation (if necessary) to key stakeholders
  • Collaborate with SOX team, Finance, Operations, Group Technology Services and Engineering to understand, evaluate and document IT controls
  • Provide guidance to SOX tester and oversee daily progress of SOX walkthrough and testing activities
  • Perform factual validation of deficiencies identified with control and process owners
  • Assess deficiencies identified, work with both control and process owners to formulate action plans, facilitate/ guide control owner with remediation efforts and follow-up on remediation activities to verify resolution
  • Assist in development of test plans and testing for IT general controls and IT applications controls.


The must haves:

  • Bachelor’s degree in Business, Engineering, Information Technology (IT) or related disciplines with IT focus
  • Professional certification (e.g., CISA)
  • Between 6-10 years of IT audit and risk advisory experience (including Sarbanes-Oxley)
  • IT audit and control experience in Big 4 or leading organizations, with a focus on IT General Controls (ITGC) and IT Automated Control (ITAC)
  • Excellent analytical ability to understand business issues associated with IT processes and related risks and controls, identifying root causes and recommending solutions.
  • Strong verbal and written communication as well as presentation skills
  • Able to work in a fast paced environment

Experience and knowledge in the following:

  • ITGC and ITAC auditing experience with banking and/or financial services industry is preferred
  • Led ITGC and ITAC related engagements within a professional services or consulting environment, combined with ability to work in teams effectively
  • Knowledgeable with current industry standards such as COBIT
  • Strong understanding of MAS TRM, or other control requirements (Eg. SOX 404)
  • Knowledge and understanding of internal controls, IT security controls risks assessment, management and governance, fraud, auditing techniques and methodologies
  • Strong technical competencies and capabilities in audits of infrastructure, network and applications of different platforms managed by different departments or teams.

Additional Information

Benefits at Grab:

We care deeply about your well-being and are committed to supporting you every step of the way. Here are some of the global benefits we offer:

  • Protect and provide for your loved ones with peace of mind, knowing we have your back with Term Life Insurance and comprehensive Medical Insurance.
  • Craft a benefits package that suits your unique needs and aspirations with GrabFlex, because we believe in empowering you to thrive.
  • Embrace the magic of new life and create lasting memories with your family through Maternity and Paternity Leave.
  • Life can be overwhelming, but you're never alone. Our confidential Grabber Assistance Programme is here to guide and uplift you and your loved ones through life's challenges.
  • Your well-being is our priority. Benefit from our holistic well-being initiatives through Wellbeing@Grab, including health programmes, informative webinars, and vibrant carnivals.
  • Achieve a harmonious work-life balance with our FlexWork arrangements, allowing you to adapt and thrive in your personal and professional life.

We’ve got many different benefits hyper localised in each country. Speak to your recruiter during your interview to find out more.

What we stand for at Grab:

We are committed to building an inclusive and equitable workplace that enables diverse Grabbers to grow and perform at their best. As an equal opportunity employer, we consider all candidates fairly and equally regardless of nationality, ethnicity, religion, age, gender identity, sexual orientation, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique. If you require accommodations to fully participate in the recruitment process, you are encouraged to include your request(s) when applying.

We deliver the greatest impact and ideas when we bring together diverse perspectives. It is what enables us to spread opportunities to Grabbers and our partners. It’s not a box-ticking exercise; it’s who we are.