Job Purpose
You will be responsible for planning and executing IT audits for the Great Eastern Group of Companies. You will also assist the Singapore Chief Internal Auditor, Group Internal Audit, to provide an independent and objective assurance to improve the Group’s IT control environment.
You are self-motivated, a good team player with initiative, who is keen to explore a career switch opportunity and willing to be challenged. We are open to candidates with experience in IT Security/Operations, application development and career auditors to discuss this opportunity.
The Job
· Participate or lead in the planning and execution of audit assignments to ensure quality and timeliness of reports and deliverables;
· Develop risk-based audit plans and testing programs;
· Ensure coverage of relevant regulatory requirements and recommend improvements to corporate policies, procedures and practices to enhance IT control design and enforcement;
· Support business audits through integrated or thematic audits by providing technology expertise and evaluating IT controls supporting the business operations;
· Manage or participate in other ad-hoc assignments including special projects and investigations;
· Contribute to continuous monitoring of technology risk areas. Establish and maintain strong relationship with technology stakeholders including risk management and control groups;
· Assist in the follow-up with auditees on outstanding audit findings through the issuance of Audit Tracking Report and verification of resolved findings;
· Ensure that audit operating standards and procedures are observed, and requirements of the Quality Assurance Review are met; and
· Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks.
· Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.
· Highlights any potential observations /risks and proactively shares best risk management practices.
Our Requirements
· 5 - 7 years of relevant experience in IT security governance, IT Infrastructure/Cybersecurity/outsourcing operations, Technology Risk Management in banking or FI;
· Knowledge or exposure to cybersecurity controls, infrastructure technology (i.e. cloud security, network, virtualization), ethnical hacking, application security, API, micro services and secure coding standards;
· Familiar with the regulatory requirements specific to technology risk management (e.g. MAS, RMiT, OJK);
· Good report writing, communication and presentation skills;
· Complete audit work papers and reports with minimal intervention by the audit manager/team lead;
· Provide continuous monitoring of technology areas, engage technology control partners to upkeep with the changing IT risk landscape of the group;
· Attention to details to ensure completeness and accuracy of audit coverage;
· Strong analytical skill, time management, independent and collaborative;
· Able to interact well with all levels of staff;
· Bachelor's degree in Computer Science or Engineering, Accounting, preferably hold one or more of these professional certifications (e.g. CISA, CISM, CEH, CISSP, CCSP);
· High level of integrity, takes accountability of work and good attitude over teamwork;
· Takes initiative to improve current state of things and adaptable to embrace new changes.
· Self-motivated and takes initiative to improve current state of things and adaptable to embrace new changes; and
· Able to travel overseas when required and safe to do so (10% estimated).
About Great Eastern
Established in 1908, Great Eastern places customers at the heart of everything we do. Our legacy extends beyond our products and services to our culture, which is defined by our core values and how we work. As champions of Integrity, Initiative and Involvement, our core values act as a compass, guiding and inspiring us to embrace the behaviours associated with each value, upholding our promise to our customers - to continue doing our best for them in a sustainable manner.
We work collaboratively with our stakeholders to look for candidates who exhibit or have the potential to embrace our core values and associated behaviours, as these are the key traits that we expect from our employees as they develop their careers with us.
We embrace inclusivity, giving all employees an equal opportunity to shine and play their role in exploring possibilities to deliver innovative insurance solutions.
Since 2018, Great Eastern has been a signatory to the United Nations (UN) Principles of Sustainable Insurance. Our sustainability approach around environmental, social, and governance (ESG) considerations play a key role in every business decision we make. We are committed to being a sustainability-driven company to achieve a low-carbon economy by managing the environmental footprint of our operations and incorporating ESG considerations in our investment portfolios; improving people’s lives by actively helping customers live healthier, better and longer; and drive responsible business practices through material ESG risk management.
To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.
