Senior IT Auditor - Cyber Security
- A senior role as IT infrastructure and cyber security expert in Internal Audit
- Responsibility for planning, leading and reporting the results of audits and risk assessments of the bank's IT environment
- Mix of supervision of audit staff and active participation in the audit delivery. This includes development and fostering technical skills as part of talent development during audit engagements
- Assessment of the effectiveness of the Bank's IT control environment, assessing compliance with laws, regulations and best practices, working with the business and IT management to identify commercial and practical solutions to mitigate identified risks
- An opportunity to demonstrate effectiveness in prioritizing competing commitments in order to ensure efficient delivery against agreed timeframes
- Documentation of assigned audit procedures, identification of issues, presentation of findings to management and preparation of audit reports
- Take appropriate audit risks by driving a more risk-based approach on audits while maintaining current levels of audit efficiency
- Develop and foster good working relationship with the key IT stakeholders in APAC
- Gain insights and expertise into the complex IT landscape of the bank
- Bachelor's or master's degree, preferably IT or Engineering related
- At least 5 years' experience in an IT Risk Management, Audit or Consulting role in a diverse multi-platform environment, ideally within the financial industry.
- IT audit certifications like CISA, CISSP, CISM, or equivalent are a plus
- Technical knowledge of cybersecurity risks and controls, as well as several of the following technologies: network devices, operating systems, databases, storage technologies, firewalls, intrusion detection/prevention systems, messaging systems, web application technologies, mobile platforms, DLP tools, cloud computing, etc.
- Familiarity with operational processes, tools and control best practices in managing a complex IT infrastructure environment, including systems monitoring, capacity management, resiliency, security/access controls, configuration/inventory management, backup and recovery, change management, systems development practices, etc.
- Outstanding technical and analytical abilities, including familiarity with application and IT general controls, technical environments and emerging IT trends
- Motivated and proactive professional with strong organizational and interpersonal skills, able to build good working relationships with senior management across a variety of cultures
- Results-driven work style and the ability to align audit findings in a constructive way with the relevant IT and business stakeholders
- Excellent communication skills including fluent spoken and written English