Title:  Manager, IT Audit

Requisition ID: 195621  
Employee Referral Program – Potential Reward: $2,500.00 

We are committed to investing in our employees and helping you continue your career at Scotiabank. 

Purpose
The Bank’s Internal Audit Department plays a key role in the risk management process of the Bank. Its mandate is to provide independent and objective assurance over the design and operation of the Bank’s controls and operational processes and to provide advisory services designed to improve the Bank’s operations.  

The role of this position is to perform audits to assess the design and operational effectiveness of internal controls relating to information technology and cyber security across the APAC region and assist when required with other corporate and support function audits within the Region.  The incumbent will be required to work as part of a team that audits the major business lines within APAC and assist the Chief Auditor, Asia Pacific in assessing controls relating to information technology and cyber security and other information technology general controls. A heavy focus of this role will be to ensure design and operating effectiveness on controls are adequate and appropriate to ensure compliance with regulatory requirements within APAC. The incumbent will ensure that department standards are met on all assignments.

Contributes to the overall success of the Audit Department in APAC ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives.  Ensures all activities conducted are in compliance with governing regulations, internal policies, and procedures.

Evaluate the design and operation of internal controls for assigned sections/projects/processes/units. Conduct special investigations and perform due diligence activities as assigned. Act primarily as Officer-in-Charge for technology and cyber security related audits and as team participant in other audits. Ensure department standards are maintained in completion of all assignments.

Accountabilities 

•    Provides assurance over the IT applications, ITGCs, data, Information Security, Cyber Security, and project management controls. Assess the controls within the data centre hubs, which include completing application assessments i.e., executes engagement planning, problem identification, reporting, and communication.
•    Assess the Software Development Life Cycle (SDLC) of new projects for present and emerging risks.
•    Conducted IS Audit of applications used in Bank through Risk Based Internal Audit (RBIA) approach in accordance with regulatory Guidelines and Banks Information Security policy and procedures.
•    Continuous monitoring of critical IT/Cyber Security and governance controls.
•    Perform statistical analysis with audit data sets using various Data Analytics tools (Excel, SQL, etc.) to validate the integrity of the data and to verify that processes are working efficiently.
•    Assists in annual planning.
•    Provides high-quality, value-added recommendations for the Bank’s IT framework, processes and systems which are relevant to support both the businesses and support functions.
•    Provides high quality, value-added advisory and risk and control stewardship services to management as part of audits or on special projects / assignments and act as Officer in Charge (OIC) or team member for these audits and ensure Audit department standards are met on all assignments.
•    Promoting and assisting in facilitating a strong risk management awareness amongst internal stakeholders.
•    Conformity with Global audit standards while undertaking the audit activities. 
•    To work as part of a team that audits applications associated with the Bank. 

Reporting Relationships (Job Titles only)
Primary Manager: Regional Chief Auditor, Audit, Asia Pacific, Singapore Branch

Dimensions
•    Document specific business line information including authorized complement, size of portfolio, products/services, etc.

•    Manage assigned relationships.

Education / Experience / Other Information
•    Requires expert knowledge and skillsets in the audit of application controls, data governance and management principles and projects.
•   Competent knowledge and experience of the regulatory frameworks and compliance requirements within financial services. 
•   A solid experience in IT Auditing, application development and maintenance, IT security, Cyber Security, IT architecture, quality assurance, operational risk, and internal control with a minimum of 8 years’ experience, in at least one of these areas.
•   Solid understanding of system security configurations relating to operating systems (preferably iSeries, zSeries, Windows and/or Unix), databases (Oracle, SQL), middleware and networks.  A sound knowledge is also required of data center management and application system architecture.
•   CISA (Certified Information Systems Auditor) or relevant Certifications.
•   Conversant with Risk Based Internal Audit (RBIA) approach. 
•   Understanding of IT general control principles, Cyber security control, audits of IT processes and risks associated with outsourced IT services.
•   Proficient knowledge of Software Development Life Cycle (SDLC).
•   Requires technical infrastructure skillsets (UNIX, Windows, Network, SQL, Oracle database etc.).
•   Knowledge of system development methodologies.
•   Acquaintance with Data Analytics.
•   Proficiency at applying risk-based auditing standards, practices, techniques, processes & methodologies and regulatory guidelines to the performance and review of audits.  The incumbent is expected to leverage data analytical techniques during the planning and execution of audit engagements.
•   Strong IT Audit (internal or external) experience, preferably in a financial institution setting, or direct experience in a relevant IT environment. Expert knowledge and skill set in the audit of applications, data, and governance.
•   Experience in using Audit Command Language (ACL) software or other programming languages for data analysis and automation.

Location(s):  Singapore : Singapore : Singapore 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.