VP/AVP, Technology Auditor (Infrastructure), Group Audit
DBS Bank
- Singapore
- Permanent
- Full-time
- Develop audit strategy and manage the audit plan and resources for the Business Unit (BU) / Support Unit (SU) portfolio.
- Manage execution of audit assignments in the designated portfolio efficiently, communicate audit findings to stakeholders with a clear logic flow, and provide effective support to manager during audit planning and reporting.
- Develop IT audit procedures with innovation and creative thinking using data analytics and automation.
- Analyze and identify IT control points on services-oriented architectures, cloud services, virtualized environments, network technologies, agile software development and information security.
- Evaluate IT components of platforms and applications against internal standards, policies, procedures and IT standards and framework, including identifying symptoms and root cause.
- Execute cyber threat reviews such as conduct security assessment audit, review penetration testing, open source scan results.
- Promote risk and control awareness among stakeholders, facilitate knowledge sharing across geographic boundary (during overseas assignment) and maintain trusted relationship with line management of the BU/SU by demonstrating strong understanding, and know-how in subject areas.
- Actively advise and apprise IT Audit management of all major risk, control and regulatory issues that impact the control environment.
- Ascertain major concerns and recommendations raised by internal and external auditors, and regulators are resolved satisfactorily.
- Provide coaching and supervision to junior staff through on-job-training and assistant manager in junior staff development.
- Virtualisation technology including container platforms.
- Cloud computing technology.
- Identity Access and Management including Active Directory and authentication protocols such as SAML, OAuth.
- Management of Network infrastructure components such as Routers, Switches, DNS, Proxy.
- Development operations (DevOps) environment, with strong understanding of the IT infrastructure components/processes that are essential in supporting continuous delivery, integration, automated testing, and performance monitoring associated with application development.
- Experience in addressing source code vulnerabilities identified by DevSecOps tools such as static code analyser, and dynamic application security testing.
- Penetration testing of network infrastructure / applications.
- Professional auditing, accounting, computer science or University graduate with minimum of 7-10 years of relevant experience. Relevant industry certifications.
- General understanding of overall banking business.
- Strong product knowledge in subject areas.
- Experience in cyber threat security assessment and related preventive, detective and corrective measures.
- Business analysis and application development.
- Good project management and organisation skill.
- Ability to establish effective relationship with line management.