Manager, Technology Audit (Cybersecurity)
Get to know our Team:
- Internal Audit is an independent function within Grab that provides an objective assurance and advisory role to Grab’s senior management.
- We use a systematic, disciplined risk-based approach to evaluate and assess Grab’s risks, processes and internal controls.
- Reflecting Grab’s entrepreneurial spirit, Internal Audit covers multiple businesses and technology areas.
Get to know the Role:
- As a Manager of Technology Audit, you are responsible to effectively manage audits and risk advisory activities that cover the associated risks arising from use of Technology activities across Grab’s businesses.
- You report directly to the Head of Technology Audit & Innovation, and work in a team of 4 technology auditors who are specialised in the audits of Technology and related activities within the Grab’s businesses.
- We seek a candidate who brings excellent audit and risk advisory experience to complement the Technology Audit team, in a fast-paced and dynamic environment.
- You effectively plan, manage and execute audits, including the design of audit work steps to evaluate the risks associated with governance, financial, operational, regulatory, and business continuity.
The day-to-day activities:
- Support the Head of Technology Audit & Innovation as part of the Technology Audit team.
- Work with the Technology Audit team and partner the other IA teams, focusing on all risks arising from the Technology activities across Grab’s businesses.
- Plan and perform risk-based assessments, understand and evaluate the business environment, related technology controls and processes.
- Prepare draft/ final report and participate in the presentation of audit findings.
- Develop and maintain business relations with Grab’s management, and be the trusted risk advisor on control related matters.
The must haves:
- Bachelor's degree in information systems, computer science/engineering, accountancy, finance or equivalent, with professional certification (e.g., CISA, CISM, CISSP) as an added advantage.
- Specialised experience in auditing cybersecurity domains and/or cloud computing.
- 10-12 years of technology audit and risk advisory (including Sarbanes-Oxley) experience.
- Strong knowledge of technology regulatory requirements and expectations within South-East Asia.
- Excellent command of English.
- Proficiency in productivity tools (email, calendar, Word, Excel, PowerPoint).
- Located in Singapore, and ability to travel for work when required.
Experience and knowledge in the following:
- Excellent technology auditing skills, with strong confidence for interaction with stakeholders.
- Experience with the use of data analytics and visualisation tools for audit will be an added advantage.
For further information, and to apply, please visit our website via the “Apply” button below.