IT Auditor

Company Description

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

Job Description

As an IT Auditor, you will play a crucial role in shaping and executing a risk-based audit strategy, diving into IT audits and risk assessments to evaluate and enhance control effectiveness.

What will you do?

IT Audit and Risk Assessment

• Develop a risk-based internal audit plan.
• Conduct IT audits, compliance and IT risk assessment, in areas covering IT general controls, application controls, infrastructure controls, and cybersecurity.

Risk Identification and Control Evaluation

• Identify and evaluate complex technology and business risks and internal controls designed to mitigate these risks.
• Assess the design and operating effectiveness of controls in mitigating IT risks.
• Recommend opportunities for internal control improvement based on risk evaluations.

Audit Reporting and Stakeholder Management

• Provide audit report covering audit findings, root cause and recommendations for improvements.
• Present audit findings to senior stakeholders, both internal and external, clearly and professionally.
• Follow up with project teams to ensure that root causes are addressed and that corrective actions are implemented effectively.

Qualifications

• Minimum 5 years of ICT experience, preferably with a few years in ICT audit and/or Risk Assessment.
• Relevant IT audit certifications such as CISA, CISM, CISSP, CRISC, and/or ISMS Lead.
• Good understanding of SOC 1 and SOC 2, COSO, COBIT, ISO/IEC 27000, CIS or equivalent standards.
• Strong understanding of complex business and IT processes, and their related risks.
• Prior experience in project management, application development, and cloud application development throughout the project lifecycle, including both traditional SDLC and Agile methodologies, or in infrastructure implementation and operations.
• Self-motivated and proactive attributes, with the ability to deliver quality and thorough audit work, with an eye for detail.
• Good written and verbal communication and presentation skills.
• Experience working in Big Four audit firm (has an added advantage).