Snr Executive, Cyber Security Auditor
ST Engineering is a global company with diversified industries and geographies. Our global network of subsidiaries and associated companies spans Asia, Europe, the Middle East and the U.S. Headquartered in Singapore, the Internal Audit function is responsible for all audits approved or assigned otherwise by the Board.
We are looking for a dynamic individual to join our expanding team with the ST Engineering Group Internal Audit function. The role is highly visible, with access to all levels of management and cross- cultural exposure from overseas assignments and interaction with global units.
Reporting to the ST Engineering Group Head Internal Audit, you will be responsible for evaluating and enhancing ST Engineering’s cybersecurity posture by driving comprehensive risk-based cybersecurity audits of security controls, policies, and practices to assess the adequacy and effectiveness of ST Engineering’s cybersecurity & IT governance, risk management and internal controls globally.
You will support in audits, investigations and special reviews in order to provide an independent and objective assessment over governance, risk, assurance matters (including matters over Sustainability Reporting) and to add value by improving the operations of ST Engineering Group.
Key Responsibilities:
- Prepare and implement cybersecurity audit programs to assess the effectiveness of security controls and compliance with relevant regulations, industry and internal standards (i.e., NIST Cybersecurity Framework, CSA Cyber Trust Mark, etc.)
- Identify vulnerabilities, weaknesses, and gaps in the organisation’s security posture through industry-recognised tools and methodologies, and provide viable recommendations to address any findings
- Perform ITGCs and ITACs where required to provide holistic cybersecurity posture assessments
- Support Audit Investigations team with technical analysis/forensics where required
- Work closely with IT, security teams, and other departments to understand and address cybersecurity challenges.
- Participate in close discussions with management in every closing meeting of assignments
- Explain cybersecurity technicalities and jargons to technical & non-technical stakeholders in the best understandable language possible (verbal & written)
- Communicate findings in clear and concise written audit report, indicating the root causes of findings and their associated risks
- Propose qualityrecommendationsto improve any weaknesses in control environment identified
- Support the Group Internal Audit in the prompt delivery of IT audit plan, includingspecial reviews, investigations, implementation reviews and any other tasks as assigned
- Support a collaborative environment to share knowledge and best practices learned.
- Stay current with emerging cybersecurity threats, trends, and technologies.
To be successful and excel in this position, the incumbent should have the following qualities:
Basic Qualifications
- Recognised degree in IT (Information Systems)/Computer Science/Cybersecurity or a related field
- Certified/passer of CISSP or CISA, and other accredited cybersecurity-related certifications is a must
- Good interpersonal and written/spoken communication skills
- Proficient in reading, writing and spoken English and Mandarin for audit of overseas associates
Other Preferred Requirements and Work Experience/Skills:
- At least 2 years IT audit/Cybersecurity audit experience, either in Internal Audit or with a reputable professional service firm
- Deep knowledge of/ hands-on experience in security concepts, security software and tools will be highly preferred
- Aptitude to seek continuous self-enrichment and personal development to maintain relevance of skills and knowledge
- Data interrogation skills and usage knowledge in audit analytics tools (i.e., Tableau) and scripting languages (i.e., Python, SQL).
- Willingness to perform IT Audit and Data Analytics work as needed
- Organised and have strong project management and time management skills
- Attentive to details, observant and has an analytical and inquisitive mind
- Ability to think critically, assess and evaluate risks and implement solutions
- Effective communicator with strong reporting skills
- Good interpersonal skills and self-awareness
- Strong influencing skills and confidence in liaising with senior management and business partners
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
