IT Risk Management / IT Audit Analyst (Banking Sector Client - Tech Process Assurance)

Main job duties but not limited to the following:

• Carry out IT General Control testing in accordance with the Assurance methodology, and evaluate the adequacy and effectiveness of internal controls relating to risks within those functional areas.
• Adopt a range of sources and methods to obtain knowledge and apply judgment based on sound business knowledge of day-to-day assurance review work; this includes identifying and assessing key risks and designing testing to assess the design and operating effectiveness of the key controls in place to mitigate risk.
• Collaborate with subject matter experts (SME) and other teams in integrated assurance reviews and actively contribute to the delivery of team plans in support of the functional and business strategies under limited supervision.
• Proactively develop and maintain professional consultative working relationships with the technology risk team, with internal stakeholders, and use a range of approaches to collect relevant and readily available information to assess risk, resolve issues or carry out tasks.
• Active engagement with team members for knowledge sharing.
• You will assist the team in any adhoc work and projects as assigned
• Job rotation may be required as and when (however, you will be advised accordingly)

Requirement

• Minimum 3 to 5 years of IT audit experience, preferably from the financial industry or Big 4.
• Experience in application audit.
• Exposure to MAS Technology Risk Management guidelines is preferred.
• Sound knowledge of banking or technology processes, banking products and the overall industry.
• Experience in usage of data analytics for IT audit or assurance work will be a strong plus.
• Excellent communication skills (verbal, written and presentation) to deliver timely technology assurance reports to senior management and stakeholders.
• Strong relationship management, analytical, problem solving, communication, influencing, planning and presentation skills.
• Self-motivated and driven, able to work independently.
• Establish a good understanding of the relevant functional area's developments and is a keen learner to continuously develop relevant technical expertise.
• Able to work in a fast-paced business environment.
Able to work in virtual, global teams in a matrix organisation, transfer knowledge and is a good team player

This role is like being a “Tech Risk Detective” inside the bank.

Your job is to: Check if internal IT processes (like system access, change management, backups, etc.) are being followed correctly based on company policies and MAS (Monetary Authority of Singapore) regulations. You don’t do the actual IT work; instead, you review and validate the work done by other internal teams (LOD1). You ask for evidence (e.g., logs, reports) to see if things were done right. If you spot issues or risks, you document your findings and help the team come up with an action plan to fix them. You're not an external auditor (like EY or PwC), and you're not part of the bank's internal audit department (LOD3). You're "LOD1.5", which is an internal independent checker role between the actual doers (LOD1) and internal auditors (LOD3).