Group Audit helps the Board and Executive Management meet the strategic and operational objectives of the DBS Group. We conduct independent checks to ensure that the Group’s risk and control processes are adequate and effective. All our team members are highly sought-after professionals who work as trusted advisors to our clients, in all matters related to a company’s internal controls.
DBS Group IT Audit is setting the standard to audit the future of banking technology. Our 3-function IT audit team consists of Digital & Banking Technology, IT Infrastructure and Cyber Security. This position is responsible for end to end audits, track audit issue closure, validate control effectiveness post remediation, continuous monitoring of the IT landscape. This position will also support the audit function in continuous auditing activities to improve effectiveness and efficiency of the IT audit function. As Singapore is the Head Office to DBS Group, some travelling can be expected (10% to 15%) in this role.
Cybersecurity audit work includes review of cyber security controls across IT Infrastructure and Application. As Cyber security expert, you will have responsibilities in assessing and monitoring the effectiveness and adequacy of the Bank’s cyber defence control measures and operation processes.
You should have practical hands-on experience in performing independent security assessment to IT infrastructure and application. You need to demonstrate strong understanding of the cyber security controls, operations and be well-versed in the areas of application security.
You will interpret cyber security vulnerabilities and provide recommendations according to industry security best practices. Knowledge of cyber-related government regulations (MAS, CSA, HKMA, RBI, FSI, etc) and compliance will be an advantage.
Minimum 7 years of relevant experience in Information Technology
Professional Certification – CISA, CISSP
1. Technical Knowledge
Digital Banking delivery channel adoption:
• Internet, web hosting, mobile, Wi-Fi
• Multi-channel distribution
Mobile application development
• Malwares, attacks & defences
• Security operations & surveillance
• Vulnerability Assessment / Penetration Testing
• Source code review
Infrastructure security & processes
• Network devices (e.g. firewalls, switches and routers)
• System & database platforms (e.g. Wintel, Unix, Mainframe, Oracle, MS SQL)
• IT processes (e.g. Data Centre Operations, Change Management, Incident Management)
Authentication & Authorisation Controls
• Multi-factor authentication
• Biometric technology
2. Business Analyst Skills
Banking product domain knowledge acquisition;
• Treasury and Markets, Securities, Finance, Risk Management and Islamic Banking
• Institutional Banking and Global Transactions Services
• Consumer Banking and Wealth Management
User requirements understanding
Application release functionalities validation
Security / control design assessment
Risk assessment particularly in regard to assessing the probability and impact of an internal control weakness
3. Development Approach
Agile project management
Rapid release management
Mobile application development
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.