Technology Auditor

Get to know our Team:

• Internal Audit is an independent function (3rd line of Defence) within GXS Bank that provides an objective assurance and advisory role to senior management.
• We use a systematic, disciplined risk-based approach to evaluate and assess risks, processes and internal controls, while aligning them to the Bank’s overall digital strategy.
• Internal Audit covers multiple businesses and technology functions within the Bank.

Get to know the Role:

• You report to the Head of Technology Audit at GXS Bank, which is part of the IT/ Technology audit team.
• You are passionate about leveraging data analytics and automation, particularly with AI, to support the Internal Audit team in translating these insights into automated audit test steps and enhance audit focus on control design assessment with more targeted sampling.
• While prior audit experience is advantageous, it is not a must-have; as we place equal importance on the candidate having strong technical fundamentals and a keen interest in applying them within an audit context (i.e. activities pertaining to IT/Technology (Applications & Infrastructure), Cyber Security, Data Governance & Engineering and Technology Products at GXS).
• You maintain well documented audit work papers including supporting documents/ evidence in the GRC system, which are subject to regular internal quality assurance review.
• You are able to execute and complete audit projects by adhering to audit methodology, key phases and assigned timelines.
• You are able to keep abreast of MAS regulations on IT-related guidelines and cyber hygiene relating to FIs and banks.

The day-to-day activities:

• Support the Head of Technology Audit as part of the Audit team.
• Plan and perform risk-based assessments, focusing on all risks arising from the Technology, Cyber Security, Data Governance & Engineering and Products.
• Execute audit reviews and fieldworks, including work paper documentation, draft audit findings, and participate in issue discussion with stakeholders.
• Ensure effective and timely execution of audit projects in accordance with audit methodology and timelines.
• May be required to participate/ support in ad-hoc projects, special thematic review or special independent investigation.
• Build and maintain healthy relationships with different levels of management, stakeholders, and be a trusted risk advisor on control related matters.
• Drive data analytics capabilities including the maintenance of audit workflow system (i.e. GRC), so as to improve the effectiveness of Internal Audit.

The must haves:

• Bachelor's degree in Computer Science/ Information System (or equivalent) or higher from a globally recognized university.
• Related certifications (i.e. CISA, CISSP, CIA, AWS Certification or similar) are preferred.
• 3-5 years of hands-on experience with data analytics tools (e.g. Tableau, Power BI) and programming knowledge (e.g. Python, Golang), and a strong interest in automation through AI.
• Good to have knowledge of MAS Technology Risk Management (TRM) Guidelines, FSM-N05 and FSM-N06.
• Good understanding of IT-related and technology products in the digital banking space.
• Have hands-on experience with modern and emerging technology techniques and possess an interest to stay abreast of industry developments (e.g. Web/Mobile, DevOps, Cloud, APIs, service-oriented architectures etc).
• General knowledge regarding technology application process/ control disciplines.
• An excellent team player.
• Able to work independently and possess the courage to challenge risk-decisions, from a 3rd line of defence perspective.
• Well-developed communication and interpersonal skills.
• Good analytical, presentation and report writing skills.
• Located in Singapore, and ability to travel for work when required is a plus.