Group Audit helps the Board and Executive Management meet the strategic and operational objectives of the DBS Group. We conduct independent checks to ensure that the Group's risk and control processes are adequate and effective. All our team members are highly sought-after professionals who work as trusted advisors to our clients, in all matters related to a company's internal controls.
DBS Group IT Audit is setting the standard to audit the future of banking technology. Our 4-function IT audit team consists of Application, Enterprise Process, IT Infrastructure and Cyber Security. This position is open in the Cyber Security team in Singapore. Reporting into IT Functional Audit Head, you are responsible for end to end audits, track audit issue closure, validate control effectiveness post remediation, continuous monitoring of the IT landscape, writes and speaks well at all levels. You will also support the audit function in continuous auditing activities to improve effectiveness and efficiency of the IT audit function. As Singapore is the Head Office to DBS Group, some travelling can be expected (10% to 15%) in this role.
Responsibilities
Cybersecurity audit work includes review of cyber security controls across IT Infrastructure and Application. As Cybersecurity expert, you will have responsibilities in assessing and monitoring the effectiveness and adequacy of the Bank's cyber defence control measures and operation processes.
Develop IT audit strategy and manage the audit plan and resources
Lead and/or undertake audit projects to provide reliable and independent assurance
Identify and assess potential risks in accordance with current regulatory and statutory requirements
Establish and build relationships with senior stakeholders to educate the business in the control framework and influence business processes
Define and develop Continuous Auditing requirements
Supervise and coach team members
Requirements
More than 10 years of relevant experience
Practical hands-on experience in performing independent security assessment to IT infrastructure and application
Demonstrate strong understanding of the cybersecurity controls, operations and well-versed in the areas of application security
Ability to interpret cybersecurity vulnerabilities and provide recommendations according to industry security best practices
Knowledge of cyber-related government regulations (MAS, CSA, HKMA, RBI, FSI, etc) and compliance will be an advantage
Degree in Information Technology
Professional Certification - CISA & CISSP
Technical Knowledge
Digital Banking delivery channel adoption:
Internet, web hosting, mobile, Wi-Fi
Multi-channel distribution
Mobile application development
Cloud Security
Cyber Security
Malwares, attacks & defences
Biometrics
Security operations & surveillance
Vulnerability Assessment / Penetration Testing
Source code review
Infrastructure security & processes
Network devices (e.g. firewalls, switches and routers)
System & database platforms (e.g. Wintel, Unix, Mainframe, Oracle, MS SQL)
IT processes (e.g. Data Centre Operations, Change Management, Incident Management)
Authentication & Authorisation Controls
Multi-factor authentication
Identity and Access Management (including Active Directory, PID, & Authentication protocols such as SAML, oAuth)
Business Analyst Skills
Banking product domain knowledge acquisition:
Treasury and Markets, Securities, Finance, Risk Management and Islamic Banking
Institutional Banking and Global Transactions Services
Consumer Banking and Wealth Management
User requirements understanding
Application release functionalities validation
Security / control design assessment
Regulatory compliance
Data Analytics
Risk assessment particularly in regard to assessing the probability and impact of an internal control weakness
Development Approach
Agile project management
Rapid release management
Programming standards
Mobile application development
Apply Now
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.