IT Audit & Risk Consultant

Recruiter
Genesis Networks Pte Ltd
Location
Singapore
Salary
Competitive salary
Posted
28 Oct 2020
Closes
03 Nov 2020
Ref
9f2fbd73d336
Sector
IT/Telecoms
Industry: Banking/ Financial Services, IT/ Computers - Hardware, IT/ Computers - Software, Data Centre

Functional Area: IT Audit and Compliance Manager

In-house


  • Oversee all duties including briefings, audit fieldwork, management responses and follow-up actions to ensure timely execution of audit work plans.




  • Plan, develop and conduct annual IT and data centre operations policy compliance and process audits, as well as technical audits on critical systems and infrastructure.




  • Review audit findings and assess overall state of compliance and risks.




  • Formulate mitigation plans and recommendations to improve state of IT compliance.




  • Prepare and implement development plans to build internal capability in IT audit and compliance management.




  • To conduct information security awareness training




  • Promote best practices and raise organizational awareness on matters relating to Governance, Risk and Compliance.




  • Review and development of security framework, information security policies, processes / procedures and guidelines on an ongoing basis.




  • To conduct security risk management exercise




  • Function as an internal auditor



External Audit and Consulting Projects


  • Undertake any ad-hoc projects or special reviews, which may include investigation, due diligence and advisory.




  • Plan, source and actively manage outsourced augmentation of internal capability, to deliver the committed deliverables.




  • Identify and assess potential risks with customers' IT systems in accordance with current regulatory and statutory requirements




  • Establish compliance with these policies / procedures through ongoing security reviews and audits




  • Point of contact to assist and advise customer for ICT security related matters




  • Undertake external audit and consulting projects on IT security such as IT systems risk assessment, vulnerability assessment and penetration testing



Requirements:


  • A good tertiary qualifications in IT Security Engineering, Computer Science, Information Technology or other related discipline.




  • Preferred certifications: CISSP, CISM, CISA, ISMS Lead Auditor Certification




  • Has minimally 8 years ICT experience, preferably with at least 4 years in ICT audit and/or compliance management positions.




  • Strong understanding of IT management, technology and operations.




  • Good understanding of ISO 27001 and OSPAR preferred




  • Prior experience leading audit teams and conducting audit fieldwork and has good working knowledge and understanding of regulatory compliance, governance and internal controls.




  • Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (Vulnerability Assessment, Penetration testing), application security, security technologies (system hardening, IDS/IPS, firewall), security incident response and security assessment.




  • Neat in projects delivery, management and documentation. Good interpersonal skills

Similar jobs

Similar jobs