Group Audit helps the Board and Executive Management meet the strategic and operational objectives of the DBS Group. We conduct independent checks to ensure that the Group's risk and control processes are adequate and effective. All our team members are highly sought-after professionals who work as trusted advisors to our clients, in all matters related to a company's internal controls. Responsibilities:
Experience in two or more areas in the list below:
- Develop audit strategy and manage the audit plan and resources for the Business Unit (BU) / Support Unit (SU) portfolio.
- Manage execution of audit assignments in the designated portfolio efficiently, communicate audit findings to stakeholders with a clear logic flow, and provide effective support to manager during audit planning and reporting.
- Develop IT audit procedures with innovation and creative thinking using data analytics and automation.
- Analyze and identify IT control points on services-oriented architectures, cloud services, virtualized environments, network technologies, agile software development and information security.
- Evaluate IT components of platforms and applications against internal standards, policies, procedures and IT standards and framework, including identifying symptoms and root cause.
- Execute cyber threat reviews such as conduct security assessment audit, review penetration testing, open source scan results.
- Promote risk and control awareness among stakeholders, facilitate knowledge sharing across geographic boundary (during overseas assignment) and maintain trusted relationship with line management of the BU/SU by demonstrating strong understanding, and know-how in subject areas.
- Actively advise and apprise IT Audit management of all major risk, control and regulatory issues that impact the control environment.
- Ascertain major concerns and recommendations raised by internal and external auditors, and regulators are resolved satisfactorily.
- Provide coaching and supervision to junior staff through on-job-training and assistant manager in junior staff development.
- Virtualisation technology including container platforms.
- Cloud computing technology.
- Identity Access and Management including Active Directory and authentication protocols such as SAML, OAuth.
- Management of Network infrastructure components such as Routers, Switches, DNS, Proxy.
- Development operations (DevOps) environment, with strong understanding of the IT infrastructure components/processes that are essential in supporting continuous delivery, integration, automated testing, and performance monitoring associated with application development.
Below security skills are good to have but not mandatory:
- Experience in addressing source code vulnerabilities identified by DevSecOps tools such as static code analyser, and dynamic application security testing.
- Penetration testing of network infrastructure / applications.
- Professional auditing, accounting, computer science or University graduate with minimum of 7-10 years of relevant experience. Relevant industry certifications.
- General understanding of overall banking business.
- Strong product knowledge in subject areas.
- Experience in cyber threat security assessment and related preventive, detective and corrective measures.
- Business analysis and application development.
- Good project management and organisation skill.
- Ability to establish effective relationship with line management.
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.