GF Technology Infrastructure Audit Manager VP-18075013
- Internal Audit is a global organization of over 1000 professionals covering Citi's global businesses and service to clients and customers in over 180 countries. Citi's Internal Audit division provides independent assessments of the company's governance, risk management and internal control environment for key stakeholders including the Board of Directors, senior management and Citi’s numerous regulators globally. Internal Audit is a change agent within Citi aimed to enhance the control culture of Citigroup worldwide and thereby support senior management decision making around the globe
- This role participates in the timely delivery of high quality, value added assurance and audit reports for a portfolio of business activities, which meet the requirements of the Boards of Citigroup and Citibank, their affiliates and of Citi’s respective regulators, globally
- The Audit Manager (Technology Infrastructure) will be based in Singapore reporting to the APAC Senior Audit Manager TCTP TI (Technology, Change and Third Parties – Technology Infrastructure) with applicable local matrix reporting. The position contributes to the scoping and execution of the overall audit process and delivery of the audit plan for the global TI audits. The candidate should possess in-depth knowledge of technology infrastructure such as server and workstation Operating Systems, database management systems, middleware including web-servers, storage systems, voice and data networks, data-protection and cybersecurity infrastructure, data centre operations, IT General Control processes including Information Security along with related risks and controls and technology auditing
- Understand and grasp the audit methodology, corporate standards, and internal control processes
- Execute audit assignments through effective collaboration with the regional or global audit teams within budgeted timelines and costs
- Lead and execute technology audits by identifying key risk and controls, develop and execute control assessment plans, draft control issues and present them to the technology management, discussing practical solutions
- Through the Business Monitoring process, monitor the risk and control environment of the technology infrastructure operations in the assigned audit entities including emerging risks
- Develop and maintain effective relationship with the business management through effective communication skills with a no-surprises approach
- Assess impact of applicable regulations to the technology processes and adequacy of controls for compliance
- Assess appropriateness and sustainability of pragmatic solutions for risk mitigation
- Learn and apply the data quality standards for high quality audit documentation
- Actively contribute to the automated auditing initiative for efficient and continuous control monitoring
- Contribute to various corporate initiatives by active participation
- Assist the audit management in talent management, recruitment, interaction with regulators
- Demonstrate strong judgment, political astuteness, and sensitivity to cultural diversity
Qualifications Qualifications and Competencies:
- University Degree (preferably Engineering or IT related)
- At least eight years of experience of auditing or managing IT infrastructure systems in a medium to large scale environment (preferably in Banking sector) with strong understanding of IT infrastructure risks, controls, and regulations, and project management.
- Preferred to possess subject matter expertise in one or more technology infrastructure disciplines and a strong technology infrastructure knowledge, with a sound understanding of the financial services provided by Citi, especially those associated with the ASPAC region
- Demonstrated analytical ability to identify and articulate emerging risks, control issues, and business impact to identify root cause and recommending solutions.
- Good knowledge of the modern banking technology systems with awareness of the applicable regulatory requirements
- Strong in written and assertive verbal English communications along with effective interpersonal and negotiation skills.
- Relevant professional qualifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) preferred.
- Experience in designing or using Computer Assisted Audit Tools and Techniques (CAATTs)
- Willingness to travel (approx. 25% annually) within APAC or globally