IT Audit & Risk Consultant

Genesis Networks Pte Ltd
Competitive salary
28 Oct 2020
03 Nov 2020
Industry: Banking/ Financial Services, IT/ Computers - Hardware, IT/ Computers - Software, Data Centre

Functional Area: IT Audit and Compliance Manager


  • Oversee all duties including briefings, audit fieldwork, management responses and follow-up actions to ensure timely execution of audit work plans.

  • Plan, develop and conduct annual IT and data centre operations policy compliance and process audits, as well as technical audits on critical systems and infrastructure.

  • Review audit findings and assess overall state of compliance and risks.

  • Formulate mitigation plans and recommendations to improve state of IT compliance.

  • Prepare and implement development plans to build internal capability in IT audit and compliance management.

  • Conduct information security awareness training.

  • Promote best practices and raise organizational awareness on matters relating to Governance, Risk and Compliance.

  • Review and develop the security framework, information security policies, processes / procedures and guidelines on an ongoing basis.

  • Conduct security risk management exercises.

  • Function as an internal auditor

External Audit and Consulting Projects

  • Undertake any ad-hoc projects or special reviews, which may include investigation, due diligence and advisory.

  • Plan, source and actively manage outsourced augmentation of internal capability, to deliver the committed deliverables.

  • Identify and assess potential risks with customers' IT systems in accordance with current regulatory and statutory requirements

  • Establish compliance with these policies / procedures through ongoing security reviews and audits

  • Serve as point of contact to assist and advise customers on ICT security-related matters

  • Undertake external audit and consulting projects on IT security such as IT systems risk assessment, vulnerability assessment and penetration testing


  • A good tertiary qualification in IT Security Engineering, Computer Science, Information Technology or other related discipline.

  • Preferred certifications: CISSP, CISM, CISA, ISMS Lead Auditor Certification

  • Minimum of 8 years of ICT experience, preferably with at least 4 years in ICT audit and/or compliance management positions.

  • Strong understanding of IT management, technology and operations.

  • Good understanding of ISO 27001 and OSPAR preferred

  • Prior experience leading audit teams and conducting audit fieldwork, with good working knowledge and understanding of regulatory compliance, governance and internal controls.

  • Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (Vulnerability Assessment, Penetration testing), application security, security technologies (system hardening, IDS/IPS, firewall), security incident response and security assessment.

  • Neat in project delivery, management and documentation. Good interpersonal skills.
