AVP/VP, IT Audit, Internal Audit Department

As a regional Information Technology (IT) auditor, you will add value and improve the Bank’s IT and Information Security (IS) activities by bringing an efficient and disciplined approach to the effectiveness of governance, risk management and control processes. You will travel and work closely with internal audit counterparts on a regional scale to conduct audit visits. You will have the opportunity to work with the stakeholders to evaluate internal controls and providing recommendations to strengthen these processes. As a specialised IT auditor, you will play a critical role in promoting a strong risk management culture and improving the technology and security control environment across the Asia Pacific region.

Responsibilities

• Lead and/or execute audits independently and efficiently, which includes audit planning, fieldwork, reporting and, issue follow-up and closure.
• Conduct the audit activites in accordance with the Bank's internal audit methodology.
• Assess the Bank's IT and IS internal control environment with view to provide value-adding recommendations to Management to address emerging issues or remediate identified weaknesses.
• Apply data analytics to assess the internal control environment.
• Establish and develop good working relationships with Management of assigned IT and IS departments, for which the candidate has been assigned risk assessment responsibilities.
• Contribute to the annual risk assessment exercise by developing a good understanding of the business strategy, plans, products, processes, performance, risks, and issues of the assigned IT and IS departments across the region.
• Perform continuous monitoring on IT and IS activities across the region, to keep abreast on evolving markets, regulatory, business and operational changes to drive appropriate ongoing audit coverage.
• Participate in the team’s strategic initiatives and projects as opportunities arise.

Requirements

• Minimum of 6 years of experience in IT/IS audits, preferably in the banking environment.
• Familiar with execution of risk-based audits.
• Familiar with technology risk management.
• Certified Information Systems Auditor
• Certified Information Systems Security Professional or equivalent preferred.
• Familiar with the regulatory requirements specific to technology risk management and cyber security across the Asia Pacific region (e.g. Monetary Authority of Singapore, Reserve Bank of India, Bank of Thailand).
• Proficient in both spoken and written English.
• Good interpersonal and stakeholder management skills.
• Good team player as well as able to work independently.
• Meticulous, disciplined and self-motivated individual with the passion to pursue excellence.