TMF

TMF Group is a leading provider of administrative services, helping clients invest and operate safely around the world. As we’re a global company with 11,000+ colleagues based in over 125 offices across 87 jurisdictions, we actively seek out people with the talent and potential to flourish at TMF Group, whatever their background, and offer job opportunities to the broadest spectrum of people. Once on board we nurture and promote talented individuals, making sure that senior positions are open to all.

The Assurance and Accreditations Specialist/Lead will be supporting the coordination and facilitation of assurance and accreditations related activities within the O&T – Information Security and Resilience function. The person will be primarily responsible for ensuring compliance to the TMF Group’s ISAE 3402 accreditations program and ISO certifications (ISO 27001 Information Security Management System (ISMS), ISO 22301 Business Continuity Management System (BCMS).

Key FUNCTIONS AND Responsibilities:

ISAE 3402 programme management and audit coordination which includes but not limited to:

• Manage the programme deliverables end-to-end including the annual planning, internal assessments, external audits, reporting and programme reviews.
• Oversees the annual ISAE 3402 internal assessment and external audit activities to ensure that all assessments and audits are completed according to the annual calendar.
• Main point of contact for both external auditors and internal stakeholders for the assigned programme/jurisdiction.
• Responsible to coordinate the review of the annual ISAE 3402 Service Organization Controls (SOC) framework with relevant stakeholders.
• Provide support and recommendation for ISAE 3402 new rollouts as a subject matter expert of the control framework.
• Collaborate with Practice Heads and Local Offices to ensure compliance to the control framework.
• Work with the team on ISAE 3402 projects and tasks, as assigned.

ISO certification audits (ISO 27001 Information Security, ISO 22301 Business Continuity Management) which includes but not limited to:

• Manage the programme deliverables including the annual planning, internal audit and reporting.
• Collaborate with Technology Governance/ Business Continuity Team to ensure compliance with the ISO standard and policies requirements at both local and global level
• Work with the team on ISMS/BCMS related projects and tasks, as assigned.

Others:

• Provide data-driven analysis to support Senior Management in decision making to address risk and issues as required.
• Ensure that risks and issues related to the global programmes are closely monitored and appropriately escalated to the relevant stakeholders. Thereafter, risk mitigation actions shall be coordinated and track to completion.
• Collaborate with team members by identifying opportunities for improvement within the assurance and accreditations related activities.
• Assist in ad hoc projects as assigned.

Competencies and Skills:

• Detail oriented with strong organizational skills.
• Work well independently as well as in a team environment.
• Good interpersonal skills: ability to collaborate and communicate effectively across all levels of staff.
• Able to accommodate to flexible working hours, this role may be required to support the Americas, APAC and/or Europe region depending on the assigned role.
• Excellent both written and verbal communication skills; Candidate must be proficient both written and spoken in English. Additional known languages would be an added advantage e.g. Mandarin, Spanish, or any other languages.
• Willingness to expand skill sets and competencies to meet the needs of the business.

Experience and Qualifications:

• Bachelor’s Degree Holder in Business or any related disciplines.
• Minimum 5 years of relevant working experience (preferably in audit or assurance roles).
• Understanding of payroll, accounting, tax, information security and/or business continuity controls will be an added advantage.
• Experience in internal or external audits will be an added advantage.
• Knowledge of accreditations and certifications such as ISAE 3402, Service Organization Controls (SOC), ISO 27001, ISO 22301 would be an added advantage.
• Certified ISO Internal Auditor (in any standard) will be an added advantage.
• Multicultural work experience collaborating with stakeholders from different region will be a key advantage.

Continuous development that is supported and encouraged through global learning opportunities from the TMF Business Academy and a strong culture of feedback.