Job Description

:
You will be involved in planning and leading Information Technology (IT) internal audit projects as defined in the risk-based Audit Plan. This will include planning the individual audit engagement, designing and testing the control, presenting the audit findings, writing the audit reports and follow-up on remediation.
In this role, you are required to:

• Assist with the IT Annual Audit plan preparation and assessment
• Partner with business auditors to develop a risk-based audit scope on IT controls for business integrated and infrastructure audits.
• Develop and communicate the audit plan, including determining the audit objective, scope, timeline and criteria to the stakeholders / Business Units, including opening meeting
• Detailing and communicating the scope, roles and responsibilities to the audit team members
• Plan for regular team meeting, opening and closing meeting
• Prepare and collate findings and / or feedback from IT team members for closing meeting presentation and inclusion in the audit report
• Lead, coach and supervise junior IT auditors to perform audits
• Liaise with stakeholders, lead discussions and monitor fieldwork progress
• Assist and complete audits in a timely and efficient manner in accordance with standards established by industry best practices and the relevant risk and regulatory environment
• Evaluate IT internal control design and operating effectiveness and manage remediation activities
• Communicate root causes of identified issues, associated risks, on the current and future business model and operating environment and include recommendations and action plans for improvements in business processes
• Build strong relationship with 1st and 2nd line of defence to identify potential red flags and ensure that insights to emerging risk and controls are identified and managed
• Manage 3rd party IT audit support team/ resources where applicable
• Participate in major business initiatives, and pro-actively advise and assist the business on change initiatives

To be successful in the above role, you should have:

• Bachelor's Degree in Computer Engineering/Computer Science or related studies
• Minimum 4 consecutive years of IT audit working experience
• Knowledge of COBIT or ISO27001 or ITIL or MAS Technology Risk Management Guidelines or similar standards
• Experience in performing IT applications and general controls review, and cybersecurity review
• Able to work independently, possess good communication skills and demonstrate good work ethics
• Experience in data analytics and usage of related technology tools in financial and insurance sectors has added advantage
• Professional qualifications (e.g. CISA, CISSP) are highly preferred

Skills Required