IT Auditor - Malaysia, Kuala Lumpur - Prudential Services Asia

    Prudential Services Asia
    Prudential Services Asia Malaysia, Kuala Lumpur

    3 weeks ago

    Default job background
    Full time
    Description
    Prudential's purpose is to help people get the most out of life. We will deliver our purpose by creating a culture in which diversity is celebrated and inclusion assured, for our colleagues, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and in exchange, we support our people's career ambitions. We pledge to make Prudential a place where you can Connect, Grow and Succeed.
    • Provide Management with objective analysis, detailed observations and recommendations relating to key Business risk areas to mitigate the spectrum of risks relating to the achievement of Business Objectives and Plans within P&L / Channel area of responsibility.
    • Provide independent, objective assurance that risks are being managed to ensure they are within the risk appetite approved by the Board.
    • Support the Audit Director in his / her assessment of the overall risk management environment in Prudential.

    Purpose

    • Provide Management with objective analysis, detailed observations and recommendations relating to key Business risk areas to mitigate the spectrum of risks relating to the achievement of Business Objectives and Plans within P&L / Channel area of responsibility.
    • Provide independent, objective assurance that risks are being managed to ensure they are within the risk appetite approved by the Board.
    • Support the Audit Director in his / her assessment of the overall risk management environment in Prudential.

    Scope

    A member of the regional IT audit resource pool (which is based in KL, Singapore and Hong Kong), responsible for:
    • Assisting the IT Audit Director to develop and continuously review a 6-montly risk-based audit plan for IT portfolio in Prudential, aligned to BU strategy.
    • Performing and managing the delivery of a portfolio of audits within the area of responsibility in line with agreed audit plan, continuously reviewing to ensure alignment between audit strategy and business strategy.
    • Supporting the Audit leadership team in executing a range of continuous improvement, administrative and reporting tasks needed to meet GwIA stakeholder requirements.

    Accountabilities

    • Required to have a good working relationship with Audit Directors and other members of the Internal Audit team.
    • Portfolio and stakeholder relationship management responsibilities - Key accountabilities include building and sustaining good working relationships with technology stakeholders as part of continuous monitoring and risk assessment activities.
    • Line / people management responsibilities – Developing and coaching
    • Help to construct the annual audit plan in consultation with their colleagues and business line management. Clear articulation of specialist audit and resource needs to deliver the annual audit plan provided to Technical Leads.
    • Responsible individually and collectively for the scheduling of the resources of the Audit Plan.
    • Manage a portfolio of varied audit assignments to time, quality and budget.
    • Leading and supporting audits, discussing audit report and findings with Management to ensure that appropriate responses are obtained for each issue raised in the report. As a lead, reviewing the audit working papers in line with the GwIA audit methodology.

    Experience

    In addition to a technology degree, has relevant technical certification in the area of Cloud or Software Engineering. Between 5-8 years relevant technical experience in Cloud or Software Engineering (including DevOps or DecSecOps)

    Technical Skills

    Experience in controls, security and management of one or more of the following areas:

    Cloud (PaaS, IaaS and SaaS)

    Software engineering (including agile development), familiarity with devops and devsecops, use of APIs in development

    Cybersecurity (NIST framework, security tools)

    Robotics process automation

    Familiar with emerging technologies and associated risks (e.g. blockchain, internet of things, robotics)

    Added Advantage

    Known as an SME in own functional area and is often sought after for advice / consultation Apart from business-as-usual audit work, have delivered impactful initiatives / products which has helped elevate the function (e.g. helped automate a certain manual process / delivered an automated dashboard for more efficient risk identification etc.) Coding background / data analytics capability (familiar with tools such as Python, SQL) Has good contact with people in the industry (to stay informed on developments in a fast moving IT world)

    Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with special requirements.