- Assist to develop a comprehensive IT audit program in accordance with best practices and guidelines set forth by regulators relevant to the country of operations (Bank Negara Malaysia, Monetary Authority of Singapore, Bank Indonesia, Financial Conduct Authority).
- Evaluate the design and effectiveness of technology controls throughout business processes:
- Evaluate compliance with policies, procedures, regulations and guidelines issued by both management and regulatory authorities.
- Support execution of audits/ assessments of IT processes against leading practices, frameworks and common standards (e.g. CoBIT, ITIL, ISO 27001/02).
- Conduct specific thematic reviews and technology audits which include the evaluation of systems security controls, user access reviews, network and system vulnerabilities/application/data centre assessments, business continuity testing, IT disaster recovery plans
- Participate in exit meetings to discuss audit findings and recommendations with the auditees. Thereafter assist in the preparation of the audit report.
- Follow up on open audit findings with auditees for timely resolution/rectification actions.
- Conduct ad-hoc tasks/activities to support the functions of the department as and when needed.
- Malaysian only.
- At least 3-5 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management).
- Understanding of business processes (e.g., Finance/Accounting, Procurement, Sales, etc.).
- Degree in Information Systems or Technology (IT), Computer Science or other related disciplines with relevant experience in managing cyber risk in financial market infrastructures.
- Knowledge of business and accounting information systems (Accounting, Billing, Payroll, ERP systems such as SAP, Oracle, etc.).
- Professional certification such as CISM, CISA, CSXP, CISSP, CREST, CDCP, GPEN or equivalent is desirable but not compulsory.
- Advanced Ms Office skills especially in Excel and PowerPoint.
- Excellent business writing and verbal communication skills in English.
- Experience in the financial industry is an added advantage.