Technology Auditor

**Get to know our Team**:

- Internal Audit is an independent function (3rd line of Defence) within GXS Bank that provides an objective assurance and advisory role to senior management.
- We use a systematic, disciplined risk-based approach to evaluate and assess risks, processes and internal controls, while aligning them to the Bank's overall digital strategy.
- Internal Audit covers multiple businesses and technology functions within the Bank.

**Get to know the Role**:

- You report to the Head of Technology Audit at GXS Bank, which is part of the IT/Technology audit team.
- As an IT/Technology auditor, you are primarily responsible for executing all audits and risk advisory activities pertaining to IT/Technology (Applications & Infrastructure), Cyber Security, Data Governance & Engineering and Technology Products at GXS.
- You effectively plan, manage and execute audits, including the design of audit test steps to evaluate the risks associated with (but not limited to) governance, financial, operational, regulatory, and business continuity.
- You are able to execute and complete audit projects by adhering to audit methodology, key phases and assigned timelines.
- You keep abreast of MAS regulations on IT-related guidelines and cyber hygiene relating to FIs and banks.
- You are are able to lead initiatives on data analytics (rule-based/ ML) and familiar with data analytic tools (e.g. Python, Power BI & Tableau)
- You understand banking business and technology priorities (with associated emerging/ inherent/ residual risks), so as to translate them into automated audit test steps using data to enhance audit focus on control assessment and targeted sampling.

**The day-to-day activities**:

- Support the Head of Technology Audit as part of the Audit team.
- Plan and perform risk-based assessments, focusing on risks arising from the Technology, Cyber Security, Data Governance & Engineering areas.
- Execute audit reviews and fieldworks, including work paper documentation, drafting of audit findings and leading the issue discussion internally and with stakeholders.
- Assist to draft audit reports and participate in the presentation of audit findings.
- Ensure effective and timely execution of audit projects in accordance with audit methodology and timelines.
- You may be required to participate/ support in ad-hoc projects, special thematic reviews or special independent investigations.
- Build and maintain healthy relationships with different levels of management, stakeholders, and be a trusted risk advisor on control related matters.
- Actively participate in driving data analytics capabilities and maintenance of audit workflow system (i.e. GRC), so as to improve the effectiveness of Internal Audit.

**The must haves**:

- Bachelor's degree in Computer Science/ Information Systems (or equivalent) or higher from a globally recognized university
- Related certifications (i.e. CISA, CISSP, CIA, AWS certifications or similar) are preferred
- Minimum 8 years of experience with Data Analytics, Cloud Computing and Security, or audit experience in IT/ Technology, Information Management, Digital Channel and Cyber & Security Risk Management
- Strong knowledge of MAS Technology Risk Management (TRM) Guidelines, FSM-N05 and FSM-N06
- Highly competent with IT audit methodologies and concepts; including the agile audit methodology
- Good understanding of IT-related and technology products in the digital banking space.
- Familiar with emerging technologies and possess an interest to stay abreast of industry developments (e.g. DevOps, Cloud, APIs, service-oriented architectures etc).
- An excellent team player
- Confidence in dealing with senior stakeholders particularly at the Management Committee and Board Audit Committee is a plus
- Able to work independently and possess the courage to challenge risk-decisions made by senior stakeholders, from a 3rd line of defence perspective
- Well-developed communication and interpersonal skills
- Good analytical, presentation and report writing skills
- Located in Singapore, and ability to travel for work when required is a plus