First Level Executive, IT Audit, Internal Audit Department

ROLE PURPOSE

Assist Manager in delivering independent and objective assurance aimed at enhancing the Bank's operations through a systematic, risk-based approach. This includes evaluating and improving the design and effectiveness of governance, risk management, and control processes towards achievement of the Bank's strategic objectives and mandates, operational effectiveness and efficiency, as well as compliance with applicable laws and regulations.

PRINCIPAL ACCOUNTABILITIES

1. Assist Manager in performing IT audits to provide independent assurance to Board Audit Committee (BAC) on the following:

a) Effectiveness of Bank's governance, risk management and control processes towards the achievement of the Bank's strategic objectives and mandates.

b) Objective risk assessment for value-add insights to BAC on key organisational risks and half-yearly assessment on common audit observations and remedial measures.

c) Monitor and ensure effective implementation of remedial actions for closure of audit issues.

2. Perform IT audit assessments of complex, technical and new areas, particularly in cyber security, IT and OT infrastructure, cloud & digital initiatives, third-party risks and automated currency operations.

3. Provide value-added insights and recommendations to stakeholders in strengthening the control environment of line departments/ BNM and representative offices/ affiliates/ international organisations.

4. Assist Manager in providing advisory services and insights on critical and vulnerable areas identified by Senior Management (including ad-hoc assignments, compliance reviews and agile audits).

5. Perform the mandatory annual compliance assessments, such as SWIFT Customer Security Controls Framework (CSCF), Information Security Management System (ISMS), Participation Rules for RENTAS Bank Gateway and Malaysia's Cyber Security Act 2024.

6. Implement department's initiatives/ projects and proposals to ensure alignment with Bank's business and strategic objectives including procurement of outsourcing/ co-sourcing services.

7. Assist Manager in performing assessments on ethics, risk culture and work climate of line departments / affiliates / international organisations and escalate the outcomes to respective key stakeholders.

8. Perform benchmarking exercises on key risk themes (including but not limited to supervisory and surveillance practices, currency and procurement management, physical and information security, IT, OT, cybersecurity, cloud computing, and BCM) and share best practices to enhance the Bank's control environment.

9. Implement RBIAF to support the effectiveness and efficiency of internal audit function and processes,in line with the IIA Standards.

QUALIFICATIONS

• Academic Qualifications: Bachelor degree in IT and cybersecurity related field and professional certification(s), preferably related to audit (CISA, CISM, CISSP, ISO27001)
• Experience: At least 2 years working experience in IT audit, IT supervision, IT risk functions or relevant working experience.

ONLY SHORTLISTED CANDIDATES WILL BE NOTIFIED