Technology Auditor
Singapore - OneNorth
GXS Bank
Say hello to a better way to bank. Enjoy up to 3.28% p.a. daily interest with GXS Savings Account. Get instant cash from 0% interest with GXS FlexiLoan.Get to know our Team:
- Internal Audit is an independent function (3rd line of Defence) within GXS Bank that provides an objective assurance and advisory role to senior management.
- We use a systematic, disciplined risk-based approach to evaluate and assess risks, processes and internal controls, while aligning them to the Bank’s overall digital strategy.
- Internal Audit covers multiple businesses and technology functions within the Bank.
Get to know the Role:
- You report to the Head of Technology Audit at GXS Bank, which is part of the IT/Technology audit team.
- As an IT/Technology auditor, you are primarily responsible for executing all audits and risk advisory activities pertaining to IT/Technology (Applications & Infrastructure), Cyber Security, Data Governance & Engineering and Technology Products at GXS.
- We seek a candidate who brings expertise in Data Analytics and has practitioner experience in Cloud Computing and Security, coupled with audit and risk advisory experience to support the Technology Audit team, in a fast-paced and dynamic environment.
- You effectively plan, manage and execute audits, including the design of audit test steps to evaluate the risks associated with (but not limited to) governance, financial, operational, regulatory, and business continuity.
- You maintain well documented audit work papers including supporting documents/ evidence in the GRC system, which are subject to regular internal quality assurance review.
- You are able to execute and complete audit projects by adhering to audit methodology, key phases and assigned timelines.
- You keep abreast of MAS regulations on IT-related guidelines and cyber hygiene relating to FIs and banks.
- You are are able to lead initiatives on data analytics (rule-based/ ML) and familiar with data analytic tools (e.g. Python, Power BI & Tableau)
- You understand banking business and technology priorities (with associated emerging/ inherent/ residual risks), so as to translate them into automated audit test steps using data to enhance audit focus on control assessment and targeted sampling.
The day-to-day activities:
- Support the Head of Technology Audit as part of the Audit team.
- Plan and perform risk-based assessments, focusing on risks arising from the Technology, Cyber Security, Data Governance & Engineering areas.
- Execute audit reviews and fieldworks, including work paper documentation, drafting of audit findings and leading the issue discussion internally and with stakeholders.
- Assist to draft audit reports and participate in the presentation of audit findings.
- Ensure effective and timely execution of audit projects in accordance with audit methodology and timelines.
- You may be required to participate/ support in ad-hoc projects, special thematic reviews or special independent investigations.
- Build and maintain healthy relationships with different levels of management, stakeholders, and be a trusted risk advisor on control related matters.
- Actively participate in driving data analytics capabilities and maintenance of audit workflow system (i.e. GRC), so as to improve the effectiveness of Internal Audit.
The must haves:
- Bachelor's degree in Computer Science/ Information Systems (or equivalent) or higher from a globally recognized university
- Related certifications (i.e. CISA, CISSP, CIA, AWS certifications or similar) are preferred
- Minimum 8 years of experience with Data Analytics, Cloud Computing and Security, or audit experience in IT/ Technology, Information Management, Digital Channel and Cyber & Security Risk Management
- Strong knowledge of MAS Technology Risk Management (TRM) Guidelines, FSM-N05 and FSM-N06
- Highly competent with IT audit methodologies and concepts; including the agile audit methodology
- Good understanding of IT-related and technology products in the digital banking space.
- Familiar with emerging technologies and possess an interest to stay abreast of industry developments (e.g. DevOps, Cloud, APIs, service-oriented architectures etc).
- SME’s knowledge regarding technology application process/ control disciplines, consumer banking control processes, digital channels and products.
- An excellent team player
- Confidence in dealing with senior stakeholders particularly at the Management Committee and Board Audit Committee is a plus
- Able to work independently and possess the courage to challenge risk-decisions made by senior stakeholders, from a 3rd line of defence perspective
- Well-developed communication and interpersonal skills
- Good analytical, presentation and report writing skills
- Located in Singapore, and ability to travel for work when required is a plus
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
11
1
0
Category:
Compliance Jobs
Tags: Agile Analytics APIs Audits AWS Banking Business Intelligence CIA CISA CISSP Cloud Computer Science Data Analytics DevOps Governance Python Risk management Strategy Travel
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsPrincipal Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
DevSecOps jobsKubernetes jobsEncryption jobsPowerShell jobsIDS jobsSplunk jobsSaaS jobsEDR jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsITIL jobsFinance jobsOWASP jobsDoDD 8570 jobsCRISC jobsDocker jobsActive Directory jobsBanking jobs
UNIX jobsTCP/IP jobsVPN jobsGIAC jobsTerraform jobsSANS jobsClearance Required jobsIT infrastructure jobsHIPAA jobsSOX jobsSOC 2 jobsOSCP jobsCISO jobsIndustrial jobsJavaScript jobsCCSP jobsData Analytics jobsDNS jobsSOAR jobsPolygraph jobsJira jobsAnsible jobsMITRE ATT&CK jobsCyber defense jobsGCIH jobs