Information Technology Audit Manager
Assurity Trusted Solutions
- Singapore
- Permanent
- Full-time
- Develop and customise audit programmes/security audit checklists to assess the design and operating effectiveness of internal controls in mitigating IT risks.
- Lead, plan, develop and conduct annual policy compliance and process audits, and technical audits on critical systems and infrastructure.
- Manage agency interactions, including briefings, conduct of audit fieldwork, management responses, and follow-up actions to ensure on-time and on-target execution of audit plans.
- Review audit findings and assess agencies’ and Whole-of-Government overall state of ICT governance and risks.
- Formulate mitigation plans to improve the state of overall ICT governance.
- Work with multiple agencies at the working and management levels to assess the current situation and identify recommendations to address the gaps.
- Monitor and validate audit findings to ensure control remediation is effective and root causes have been addressed.
- Plan, source, and actively manage outsourced augmentation of internal capability, to deliver the committed deliverables.
- Perform ICT&SS audits of Government agencies determined by the Audit and Compliance Division of GovTech;
- Perform In-depth audit of Government agencies’ ICT&SS processes/applications/supporting infrastructure and systems
- Perform follow-up audit (FUPA) of past audit findings of Government agencies determined by ACD; import audit findings into the central repository;
- Perform any other related services which may be required by ACD to carry out the ICT&SS audit.
- With at least 6 years of working experience with a solid record in IT Audit, applicants with more experience can be considered for a Senior IT Audit Manager role.
- Prior experiences in leading an end-to-end IT Audit.
- Strong security background (understanding risk assessment, legal & regulatory requirements, threats, vulnerabilities, security policies etc.)
- Experience in performing audits for compliance with COBIT framework and ITIL practices.
- Familiarity with IM8 or equivalent ICT policies is plus
- Performed security assessments benchmarked against common security standards such as NIST 800-53 or ISO 27001
- Prior experience in Application Development and Cloud are preferred but not mandatory
- Good communication & interpersonal skills.
- Excellent stakeholder management, influencing & planning skills.
- Possess CISSP/CISA/CISM, or other relevant cybersecurity qualifications
- A wholly-owned subsidiary of GovTech.
- We promote a learning culture and encourage you to grow and learn.
- A competency framework is in place to help you grow your career with us.