The Opportunity Join a leading global insurance firm currently undergoing a significant expansion across the Asia-Pacific region. Unlike many contract roles tied to short-term projects, this is a ITGC focused position within our First Line (Line 1) Technology Risk team. You will play a critical role in executing a balanced portfolio of controls- focused on Information Security and on General Controls (ITGCs). The Role We are looking for a "doer" -someone who enjoys getting into the weeds of IT and Cybersecurity controls. This isn't a high-level advisory role; it is a dedicated execution role focused on the practical, step-by-step application of control testing. Key Responsibilities: Full-Cycle Testing: Execute end-to-end testing for a broad range of ITGCs (Change Management, Logical Access, IT Operations) and Cybersecurity controls. Practical Evidence Validation: Move beyond "tick-box" auditing. You will be expected to verify the Completeness and Accuracy of data and reports (IPE) before testing control effectiveness. Regulatory Environment: Test and report findings aligned to APRA CPS 230 and CPS 234 standards across the APAC region. Stakeholder Walkthroughs: Lead interview-style meetings to understand complex business processes and gather high-quality evidence. Critical Analysis: Independently challenge evidence and identify root causes rather than just noting symptoms. Collaborative Remediation: Partner with the business to develop practical remediation plans. We value a consultant-style approach to problem-solving that builds long-term stakeholder trust. Global Collaboration: Liaise with counterparts in the UK and US to ensure alignment with global risk standards. About You You are likely a Senior IT Auditor or Tech Risk Specialist with a solid foundation in both Cybersecurity and IT Operational Risk. You pride yourself on your technical "hand-on" ITGC testing ability and your ability to navigate complex corporate environments in APAC. Requirements: Experience: Proven track record in Line 1 or Line 2 IT Control Testing. You must demonstrate a broad understanding of controls that support financial and operational integrity (not just security). Technical Rigor: Ability to describe and execute a control test step-by-step, including identifying key attributes and system-generated report parameters. Regulatory Knowledge: Experience working within APRA-regulated environments (CPS 234/230) or similar regional frameworks. Stakeholder Management: Exceptional ability to lead workshops and challenge evidence professionally and collaboratively. We are looking for a "partner" mindset, not a "policeman" approach. Certifications: While CISA, CISM, or ISO27001 are "nice to have," we value practical, on-the-ground experience above all else. Why Apply? Stability: This is a BAU role required for regulatory purposes, offering high potential for extension. Global Reach: Gain exposure to international stakeholders and global risk frameworks. Culture: Join a technology team that values a collaborative, transparent, and manageable environment. Growth: Work for a firm that has doubled its revenue in the last 5 years and is actively expanding its APAC footprint. How to Apply If you are a ITGC controls specialist who loves the "doing" and wants to join a stable, growing global team, please submit your CV for a confidential discussion