The role reports to Section Head, IT Audit and will be responsible for planning and executing IT audits for the Great Eastern Group of Companies. You will also assist the Singapore Chief Internal Auditor, Group Internal Audit, to provide an independent and objective assurance to improve the Group’s IT control environment.

 • Participate or lead in the planning and execution of audit assignments to ensure quality and timeliness of reports and deliverables;

• Develop risk-based audit plans and testing programs;

• Ensure coverage of relevant regulatory requirements and recommend improvements to corporate policies, procedures and practices to enhance IT control design and enforcement;

• Support business audits through integrated or thematic audits by providing technology expertise and evaluating IT controls supporting the business operations;

• Manage or participate in other ad-hoc assignments including special projects and investigations;

• Contribute to continuous monitoring of technology risk areas. Establish and maintain strong relationship with technology stakeholders including risk management and control groups;

• Assist in the follow-up with auditees on outstanding audit findings through the issuance of Audit Tracking Report and verification of resolved findings;

• Ensure that audit operating standards and procedures are observed, and requirements of the Quality Assurance Review are met;

• Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks;

• Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company; and

 • Highlights any potential observations /risks and proactively shares best risk management practices. 

We are looking for people who

• 5 - 7 years of relevant experience in IT audit, security governance and/or Technology Risk Management in banking or FI; • Knowledge or exposure to AI, cybersecurity controls, infrastructure technology (i.e. cloud security, network, virtualization), ethnical hacking, application security, API, micro services and secure coding standards;

• Familiar with the regulatory requirements specific to technology risk management (e.g. MAS, BNM, OJK);

• Good report writing, communication and presentation skills; 

• Complete audit work papers and reports with minimal intervention by the IT audit section head/team lead;

• Provide continuous monitoring of technology areas, engage technology control partners to upkeep with the changing IT risk landscape of the group;

• Attention to details to ensure completeness and accuracy of audit coverage;

• Strong analytical skill, time management, independent and collaborative; 

• Able to interact well with all levels of staff;

• Bachelor's degree in Computer Science or Engineering, Accounting, preferably hold one or more of these professional certifications (e.g. CISA, CISM, CEH, CISSP, CCSP);

• High level of integrity, takes accountability of work and good attitude over teamwork;

• Takes initiative to improve current state of things and adaptable to embrace new changes;

• Self-motivated and takes initiative to improve current state of things and adaptable to embrace new changes; and

• Able to travel overseas when required and safe to do so (10% estimated).

How you succeed

Champion and embody our Core Values in everyday tasks and interactions. Demonstrate high level of integrity and accountability. Take initiative to drive improvements and embrace change. Take accountability of business and regulatory compliance risks, implementing measures to mitigate them effectively. Keep abreast with industry trends, regulatory compliance, and emerging threats and technologies to understand and highlight potential concerns/ risks to safeguard our company proactively.

Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions to customers through three successful distribution channels – a tied agency force, bancassurance, and financial advisory firm Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei. The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have been assigned the financial strength and counterparty credit ratings of "AA-" by S&P Global Ratings since 2010, one of the highest among Asian life insurance companies. Great Eastern's asset management subsidiary, Lion Global Investors Limited, is one of the leading asset management companies in Southeast Asia. Great Eastern is a subsidiary of OCBC, the longest established Singapore bank, formed in 1932. It is the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s and AA- by both Fitch and S&P. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.