Infra IT Auditor (PQE)

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As an IT Auditor for Infrastructure Managed Services (including Cloud environment), you will play a crucial role in shaping and executing a risk-based audit strategy, diving into IT audits and risk assessments to evaluate and enhance control effectiveness

What will you do?

IT Audit and Risk Assessment

• Conduct IT audits, compliance and IT risk assessment primarily in Infrastructure control, IT general controls and cybersecurity.
• Able to plan and communicate the audit activities with the stakeholders.
• Audit and identify the risk and non-compliances at project sites, evaluate the issue and produce the audit/assessment report.
• Work off-site with different projects during audits/reviews, performing visual and auditory analysis of audit items independently

Risk Identification and Control Evaluation

• Identify and evaluate complex technology and business risks and internal controls designed to mitigate these risks.
• Assess the discovered non-compliant issues in infrastructure operations  
• Analyse the issue deficiencies, determine the impact, and provide guidance to the remediation.
• Recommend opportunities for internal control improvement based on risk evaluations.

Audit Reporting and Stakeholder Management

• Provide audit report covering audit findings, root cause and recommendations for improvements.
• Present audit findings to senior stakeholders, both internal and external, clearly and professionally.
• Follow up with project teams to ensure that root causes are addressed and that corrective actions are implemented effectively

The ideal candidate should possess:

• Degree in IT, Computer Science or any other related field.
• Minimum 5 years of ICT experience, preferably with a few years in ICT audit and/or Risk Assessment.
• Relevant IT audit certifications such as CISA, CISM, CISSP, CRISC, and/or ISMS Lead.
• Experience in requesting and inspecting Infrastructure Operations,  IT systems artefacts during audits/reviews.
• Ability to work independently in field audits, performing visual and auditory analysis of audit items.
• Experience in audit field work including IM8 audit (for Infrastructure environment including Cloud)
• Strong understanding of complex business and IT processes, and their related risks.
• Must have knowledge on Infrastructure design, network, IT operation processes and cybersecurity.
• Prior experience in project management, infrastructure implementation and operations.
• Self-motivated and proactive attributes, with the ability to deliver quality and thorough audit work, with an eye for detail.
• Keen attention to detail and patience in producing reports and documentation.