Design and develop risk-based and data analytical-based audit programs
Plan, lead and execute audits/assessments, which include managing the conduct of audit(s) and ensure that they are delivered on time, on budget, to the required standard and audit methodology
Articulate and discuss control issues/gaps and corrective action plans with stakeholders and auditees
Prepare written audit reports for Senior management, audit committee and auditees
Risk assess the impact and likelihood associated with the control issues/gaps
Validate management's remediation for audit issue closure
Complete working papers for the audit through documenting the audit work conducted, describing the audit work performed and the audit evidence that supports the audit issues/gaps.
Should possess at least 6-8 years working experience (i.e. technical hands-on experience) in the following domains either as a cyber/IT security assessor/auditor or architect/engineer or in cyber security operations role.
Web Technologies Security
Mobile Technologies Security
Should possess strong technical skills and knowledge, analytical and critical thinking skills in order to identify key risks/impact associated with technological implementation and operational processes, and to evaluate controls' adequacy and operating effectiveness.
Should be certified in cyber/IT security (e.g. CISSP, GSEC) and preferably CISA
Should have experience working with industry practices/guidelines such as NIST and COBIT
Should have working knowledge and understanding of risks associated with prevailing technologies such as Mobile and Web applications, Cloud Computing, Virtualisation, Data Loss Prevention, Database security
Should have working knowledge and understanding how cyber adversaries operates and the common modus operandi of cyber-attacks/exploitations such as advanced persistent threats, injection attacks, man-in-middle attacks, unauthorised data exfiltration
Should have working knowledge of latest cyber defence technologies and controls, and cyber related laws/regulations related to banking and/or securities trading industry
Should possess a Bachelor degree related to Technology Security, Computer Engineering, Information Technology or equivalent.
Should have the ability to assimilate new technologies/concepts and conduct technical research to strengthen the assessment abilities
Should be responsible with a sense of accountability and urgency in completing the assigned audit engagements within the given deadlines
Should be able to multi-task and work under pressure
Should possess good communication skills (verbal and written) in English
Should have experience with data analytics tools such as ACL, Python, QuikView
Must be willing to travel 15-20%
Must be able to work independently as well as in a team
Internal Number: 5262139
About OCBC Bank
eFinancialCareers is a career site specializing in financial services.