GXBank - Technology Audit Manager

Job Description

Get to know our GXBank Team:
GX Bank Berhad - the Grab -led Digital Bank - is the the FIRST digital bank in Malaysia, approved by BNM to commence operations. We aim to leverage technology and innovation to serve the financial needs of the unserved and underserved individuals, and micro and small medium enterprises.We are driven by our shared purpose and passion to bring positive transformation to the banking industry, starting with solutions that addresses the financial struggles of Malaysians and businesses.

Get To Know Our Team

Internal Audit is an independent function (3rd line of Defense) within Digital Bank that provides an objective assurance and advisory role to senior management.

We use a systematic, disciplined risk-based approach to evaluate and assess risks, processes and internal controls, while aligning them to the Bank's overall digital strategy.

Internal Audit covers multiple businesses and technology functions within the Bank.

Get To Know The Role

You report directly to the Head of Technology Audit at Digital Bank.

As the Lead Technology Auditor, you are primarily responsible for managing all audits and risk advisory activities pertaining to IT/Technology (Applications & Infrastructure), Cyber Security, Data Governance & Engineering and Technology Products at Digital Bank.

We seek a candidate who brings excellent audit and risk advisory experience to lead the Technology Audit team, in a fast-paced and dynamic environment.

You shall develop the scope of work in accordance with established policies, procedures, laws and regulations, which entails the examination and evaluation of all functions and activities that are assigned to you.

You effectively plan, manage and perform the full audit cycle starting from annual audit planning, scoping and developing work programmes to evaluate the risks associated with governance, financial, operational, regulatory, and business continuity.

Keep abreast of Bank Negara Malaysia regulations on IT-related guidelines and cyber hygiene relating to FIs and banks.

You are familiar with current technology tools (e.g. Power BI & Tableau) and well versed in data analytic initiatives (rule-based/ ML) and business priorities (with associated emerging/ inherent/ residual risks), so as to translate them into automated audit test steps using data to enhance audit focus on control design assessment and targeted sampling.

The Day-to-day Activities

• Support the Head of Technology Audit as part of the Core Internal Audit Management Team.
• Lead the Technology Audit team, focusing on all risks arising from the Technology, Cyber Security, Data Governance & Engineering and Products.
• Plan and perform risk-based review, understand and evaluate the management's control awareness, business environment, related controls and processes.
• Provide guidance and coaching to the team, lead discussions, present audit findings to key stakeholders and senior management.
• Review draft/ final report
• You may be required to lead/ participate in ad-hoc projects, thematic review or special independent investigation.
• Escalation of material / significant audit findings to senior management on a timely basis (if required).
• Build and maintain healthy relationships with senior levels of management, stakeholders, and be a trusted risk advisor on control related matters.
• Develop and evolve the data analytics capabilities, so as to improve the effectiveness of Internal Audit.

The Must Haves

• Bachelor's degree in Computer Science/ Information System (or equivalent) or higher from a globally recognized university
• Related certifications (i.e. CISA, CISSP, CIA, AWS Certification or similar) are preferred
• Minimum 10 years of audit experience in IT/ Technology, Information Management, Digital Channel and Cyber & Security Risk Management
• Highly competent with IT audit methodologies and concepts; including the agile audit methodology
• Good understanding of IT-related and technology products in the digital banking space.
• Familiar with modern and emerging technology techniques and possess an interest to stay abreast of industry developments (e.g. DevOps, Cloud, APIs, service-oriented architectures etc)
• SME's knowledge regarding technology application process/ control disciplines, consumer banking control processes, digital channels and products
• Possess strong leadership skills, confidence in dealing with regulators, senior stakeholders particularly the Management Committee
• Take accountability and possess the courage to challenge risk-decisions made by senior stakeholders, from a 3rd line of defense perspective so as to uphold the value of integrity and be able to discharge responsibility professionally
• Well-developed communication and interpersonal skills
• Good analytical, presentation and report writing skills
• Ability to lead and manage, locally and remotely (if required), a team of internal auditors
• Ambitious, self-driven and highly motivated individual who can work well in a startup VUCA (Volatile, Uncertain, Complex, Ambiguous) environment. Should have a deep desire to excel and develop a career in a fast-growing tech company. Should have demonstrated integrity and respect in the performance of their duties