Lead IT Auditor

  • 7-8k p.m.
  • Singapore
  • Permanent, Full time
  • Upper Spring Consulting Pte. Ltd. , EA Licence No: 14C7380
  • 01 Oct 18

Our Client in the Maritime Industry is looking for a Lead IT Auditor to perform independent reviews of IT domains and integrated audits across the various entities in the scope of the Group Internal Audit department.

Environment: Group Internal Audit reviews the effectiveness of the internal control and risk management framework operated within the Group and directs the global internal audit teams to accomplish its objectives of providing independent and objective assurance on the effectiveness of risk management, internal control and governance processes. The IT Audit Team is composed of IT auditors performing IT-related audits at Group level. The scope of their work includes application and infrastructure reviews. IT auditors also provide resources and expertise to business audits while auditing various entities such as agencies, regional offices, subsidiaries & terminals.

Core activities:
As a member of the Group Internal Audit team, participate in the definition, planning, and realization of IT audit assignments over all technology related areas in accordance to our methodology, including assessments related to:

  • IT Management & Governance
  • Project Development & Delivery, Project Portfolio Management
  • IT Operations
  • Information Security, including cybersecurity,
  • Business Continuity and Disaster Recovery.

- Contribute to the presentation of audit conclusions to the top management of the audited area.
- Contribute to the draft audit report elaboration, including the formalization of added value recommendations.
- Participate in the recommendations’ follow-up and action plans monitoring.
- Contribute to the development and the maintenance of the IT audit working program / tools and knowledge sharing across the team.

- Graduate specializing in information systems.
- 5 to 10 years of IT audit experience in an international environment.
- Skills:

  • Knowledgeable in IT security / cybersecurity
  • Able to perform penetration testing of applications, IT systems and networks
  • Thorough understanding and performance of Information Systems auditing; covering IT general control reviews, application control reviews, and Information Security assessments
  • Good to excellent knowledge of mainframe, Unix and Windows operating systems, information security, and networks
  • Strong understanding of risk management and ability to independently plan technical audits
  • Good sense of data and strong experience with data analytics
  • Application of information systems controls and business process controls during audits
  • Experience in management of IT systems or networks
  • SAP (ECC, CRM or GRC) audit experience
  • Computer forensics and investigations
  • Anti-fraud auditing

- Knowledge of IT audit methodologies (GTAG) as well as IT standards (COBIT 5)
- Professional certifications (CISA, CISM, CISSP)
- Familiar with ISO27000 security policy, CobiT methodology, COSO ERM framework, and other IT frameworks / methodologies (e.g., ITIL)
- Must be willing to travel up to 40% per year
- Excellent written and oral communication skills including experience with executive-level communications as well as strong organizational and interpersonal skills