Information System Auditor

Company:

Sopra Steria is a listed European tech leader specializes in Consulting, Digital Service, and Software. We have 50,000 employees worldwide located in different regions (Europe, North America and Asia), whereby Singapore is the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria I2S APAC, in charge of Infrastructure, Cloud and Cybersecurity services.

Role:

The Information System Auditor is responsible for the execution of audit assignments and controls with a strong focus on Information Systems (IS) and IT Infrastructures, in particular on fields like Information System Security, Project Management, Software Development Life Cycle, Change and Release Management and Production Support. The main focus of the role will be on Information System’s business applications, IT infrastructures (network, servers and database) and IT services.

In addition, the auditor follows-up audit recommendations in a timely manner, assess whether the risks have been sufficiently mitigated to propose the closure of the recommendation, or to escalate to the audit supervisors and management when needed.

The auditor also contributes to the annual Risk Assessment to elaborate the audit plan and takes part to the Continuous Audit Monitoring processes to adjust the audit plan if significant risks arise.

The auditor contributes his/her expertise to the local and global Information System Audit community and provide advice to business auditors on Information Systems risks.

Responsibilities:

• Execute all audit assignments in accordance with internal quality standards,
• Prepare audit work programs in good understanding of the specific risks to be evaluated,
• Assess the control environment of both 1st and 2nd Lines of Defense (LOD1 and LOD2)
• Perform audit controls within the committed budget and deadline,
• Maintain clear work papers and audit trail of the work done,
• Debrief auditees based on factual and clear findings,
• Propose relevant recommendations to improve processes and reduce risks,
• Manage the relationship and communication with the main auditee(s)
• Efficiently manages the resources assigned to the mission
• Set objectives and assess the contribution of auditors assigned to the mission
• Regularly report the progress of the mission to the supervisor
• Write concise and clear reports to communicate audit results to the management

• Bachelor degree or above in related disciplines, e.g. Information Systems, Computer Science, Business etc
• Minimum 7-10 years of total experience in Information System Audit and/or operational experience in Information Systems in areas such as:

1. Information System Risk and Security
2. Cybersecurity
3. Project Management, Agile

• Good knowledge of regulatory reform, operational risk procedures and other compliance functions within banking
• Data analytics skills and capacity to analyze audit trails using scripts or BI tools is a plus
• Internal Audit or IT risks and control background is preferred such as OCISA, CISSP, CEH or another IT audit certification
• Proficient in French is preferred

Soft Skills Requirements:

• Able to work independently and proactively, demonstrating a strong sense of ownership and commitment to deliver quality audits on time
• Adapt quickly to new environment and curious to learn and develop new skills/knowledge
• Robust analytical skills to relate IT risks with potential business exposure
• Good communication skills and ability to interact with management as well as operational staff
• Fluent command of English, with good report writing and presentation skills
• Team player

• Regular team buildings
• 18 leave days / Year
• HSBC Health Insurance
• Annual bonus
• Working hours: from 9am to 6pm, Monday to Friday
• E-learning and certifications paths