Group Audit helps the Board and Executive Management meet the strategic and operational objectives of the DBS Group. We conduct independent checks to ensure that the Group's risk and control processes are adequate and effective. All our team members are highly sought-after professionals who work as trusted advisors to our clients, in all matters related to a company's internal controls. Group Audit helps the Board and Executive Management meet the strategic and operational objectives of the DBS Group. We conduct independent checks to ensure that the Group's risk and control processes are adequate and effective. All our team members are highly sought-after professionals who work as trusted advisors to our clients, in all matters related to a company's internal controls. Responsibilities
- Plan, lead, manage and execute regional and local audits covering areas of cybersecurity, IT infrastructure and application controls in accordance with department and professional standards
- Manage assignments locally and/or regionally efficiently and effectively including defining audit scope, risk matrices and testing strategy, and drafting audit working papers and reports
- Keep abreast of emerging issues in the relevant units under his/her audit portfolios. Perform ongoing risk and control assessment of the designated audit portfolios and take necessary actions to reflect/address material changes in the assessments
- Actively advise and apprise Audit management of all major risks, control and regulatory issues that impact the control environment of the Bank
- Manage key relationships with management of IT including relevant support units
- Provide recommendations, where appropriate, to enable that major concerns and recommendations raised by auditors and regulators are resolved satisfactorily
- Participate in developing and managing the annual audit plan of relevant audit portfolios
- Guide and support other audit team members where necessary or appropriate
- Involve in ad hoc projects and initiatives as required
- Degree or above in information technology, computer science or equivalent disciplines
- Relevant professional qualifications, e.g. CISA, CISSP, CISM, GPEN, GWAPT or equivalent, are preferred
- Minimum 8 years' working experience in IT audit, information security or cybersecurity field in banking industry / financial institution / technology / consulting field or relevant experience in financial institutions, preferably with regional exposure
- Knowledge and experience in cybersecurity and various platforms including open systems, networks, cloud computing, DevOps, continuous integration / continuous delivery (CI/CD), etc.
- Solid knowledge of regulations (e.g. HKMA, SFC and MAS)
- Superior analytical skills and a strong sense of ownership, with data analytics and/or predictive modelling experience would be an advantage
- Solid reporting, presentation and communication skills in English. Good command of Chinese and Putonghua would be an advantage
- Be open-minded, agile and adaptable to changes
- Willing to travel for overseas assignments
- Candidate with less experience will be considered as Senior Associate
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognizes your achievements.
We regret only shortlisted candidates will be notified.