IT Audit Manager (Infra, CyberRisk)

Malaysia
Tetap
Sepenuh masa

8 jam lepas

Our client is a global bank with a strong presence in Singapore, Malaysia and the APAC region. They are looking for an experienced IT Audit Manager focusing on IT Infrastructure & Cybersecurity Risk to join their team. This is a newly created role under the bank's IT Audit division in Kuala Lumpur, Malaysia. This role will involve you working on more complex audits such as cross-functional and multi-location high risk audits and will also provide you the opportunities to interact and engage with both Group and Country Stakeholders. Open to candidates with no audit experience but has a strong background in IT Infrastructure & Cyber risk background.The IT Audit Manager will collaborate closely with the Audit Team Lead or Team Manager on the audit assignment and deliver impactful and high-quality audit work within the agreed timelines, budget constraints, and in full alignment with established audit methodology. Furthermore, the IT Audit Manager will also be responsible for a continuous monitoring of certain domains.Please contact Nabila Huda and email your CV directly in word format with Job ID: 15488 toPlease note that due to the high number of applications only shortlisted candidates will be contacted. If you do not hear from us in the next 5 business days, we regret to inform you that your application for this position was unsuccessful. nabila_h@theedgepartnership.comKey responsibilities

Support the Head of Technology Audit and Senior Audit Managers (SAMs) in Technology Audit function and perform risk assessment and audit planning activities.
Suggest audits for coverage during the planning cycle based on key ICS risks
Execute responsibilities in accordance with the Audit Charter, maintaining independence from management and avoiding any interference.
Actively participate as a team member or leader in assigned audit work
Ensure audit deliverables adhere to quality standards and timelines according to audit methodology.
Draft contributions to audit scope, including the Audit Planning Memo and Process Risks Controls Matrix
Assist in drafting the audit issues and report during the audit reporting phase.
Monitor the remediation of audit issues for assigned audits and validate issues as per the agreed timelines.
Support high-risk audits of ICS and collaborate with GIAI teams
Execute audits efficiently, adhering to budget and timelines
Update Audit Team Lead and Manager on progress and obstacles, ensuring quality standards
Work with Audit Team Lead and Manager to draft issues, articulate risks, and obtain action plans
Conduct audit testing using data analytics
Demonstrate proactivity engagement during team sessions
Identify growth areas at each audit and collaborate on strategies
Assist the HOA in managing audit costs within the allocated budget for engagements
Establish and maintain effective working relationships with the management of relevant ICS units.

Role requirements

Strong understanding of identity and access management, vulnerability management, code security, security operation center, threat intelligence, red and purple teaming, penetration testing, ICS related industry standards such as NIST and CIS, and risk management
IT infrastructure components, including servers, networks, databases, and cloud services would be a plus.
Knowledge of cybersecurity principles, frameworks, and best practices
Proficiency in audit tools and techniques
Excellent analytical and problem-solving abilities with keen attention to detail.
Education: Bachelor's degree in information technology, Computer Science, Information Systems, or a related field. A master’s degree is a plus
Experience: Minimum of 5 years of experience in IT auditing, information security, or risk management
Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), and Global Information Assurance Certification (GIAC) related certificates are highly desirable. Other designations such as Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM), and Certified Internal Auditor (CIA) are a plus.

The Edge Partnership

Memohon