Digibank Malaysia Project - Head of Technology Audit
Get to know our Digital Bank Team:
Grab is leading a consortium for Digital Bank license and build a bank with the right foundation - using data, technology and trust to solve problems and serve customers. We have big dreams to unlock and financial inclusion for people in our region is just one. If you have what it takes, help build our new Digibank with us.
Get to know our Team:
- Internal Audit is an independent function (3rd line of Defence) within Digital Bank that provides an objective assurance and advisory role to senior management.
- We use a systematic, disciplined risk-based approach to evaluate and assess risks, processes and internal controls, while aligning them to the Bank’s overall digital strategy.
- Internal Audit covers multiple businesses and technology functions within the Bank.
Get to know the Role:
- You report directly to the Head of Internal Audit at Digital Bank.
- As the Head of Technology Audit, you are primarily responsible for managing all audits and risk advisory activities pertaining to IT/Technology (Applications & Infrastructure), Cyber Security, Data Governance & Engineering and Technology Products at Digital Bank.
- We seek a candidate who brings excellent audit and risk advisory experience to lead the Technology Audit team, in a fast-paced and dynamic environment.
- You shall develop the scope of work in accordance with established policies, procedures, laws and regulations, which entails the examination and evaluation of all functions and activities that are assigned to you.
- You effectively plan, manage and perform the full audit cycle starting from annual audit planning, scoping and developing work programmes to evaluate the risks associated with governance, financial, operational, regulatory, and business continuity.
- Keep abreast of Bank Negara Malaysia regulations on IT-related guidelines and cyber hygiene relating to FIs and banks.
- You are familiar with current technology tools (e.g. Power BI & Tableau) and well versed in data analytic initiatives (rule-based/ ML) and business priorities (with associated emerging/ inherent/ residual risks), so as to translate them into automated audit test steps using data to enhance audit focus on control design assessment and targeted sampling.
The day-to-day activities:
- Support the Head of Internal Audit as part of the Core Internal Audit Management Team.
- Lead the Technology Audit team, focusing on all risks arising from the Technology, Cyber Security, Data Governance & Engineering and Products.
- Plan and perform risk-based review, understand and evaluate the management’s control awareness, business environment, related controls and processes.
- Provide guidance and coaching to the team, lead discussions, present audit findings to key stakeholders and senior management.
- Review draft/ final report
- You may be required to lead/ participate in ad-hoc projects, thematic review or special independent investigation.
- Escalation of material / significant audit findings to Board Audit Committee or senior management on a timely basis (if required).
- Build and maintain healthy relationships with senior levels of management, stakeholders, and be a trusted risk advisor on control related matters.
- Develop and evolve the data analytics capabilities, so as to improve the effectiveness of Internal Audit.
The must haves:
- Bachelor's degree in Computer Science/ Information System (or equivalent) or higher from a globally recognized university
- Related certifications (i.e. CISA, CISSP, CIA, AWS Certification or similar) are preferred
- Minimum 15 years of audit experience in IT/ Technology, Information Management, Digital Channel and Cyber & Security Risk Management
- Highly competent with IT audit methodologies and concepts; including the agile audit methodology
- Good understanding of IT-related and technology products in the digital banking space.
- Familiar with modern and emerging technology techniques and possess an interest to stay abreast of industry developments (e.g. DevOps, Cloud, APIs, service-oriented architectures etc).
- SME’s knowledge regarding technology application process/ control disciplines, consumer banking control processes, digital channels and products.
- Possess strong leadership skills, confidence in dealing with regulators, senior stakeholders particularly the Management Committee and Board Audit Committee
- Take accountability and possess the courage to challenge risk-decisions made by senior stakeholders, from a 3rd line of defence perspective so as to uphold the value of integrity and be able to discharge responsibility professionally
- Well-developed communication and interpersonal skills
- Good analytical, presentation and report writing skills
- Ability to lead and manage, locally and remotely (if required), a team of internal auditors
Candidates must be resident in Malaysia, or have the right to work in Malaysia.