Job Description

:

General Responsibilities

• Assist the Head of Technology Audit Department in the development of the overall internal audit strategies, standards, policies, and administration.
• Assist the Head of Technology Audit Department to identify, plan and monitor the manpower needs and staff development for the department.
• Keep abreast of the Group\' strategy/directions, regulatory landscape, market changes and emerging risks to be able to manage audit coverage and resources effectively.
• Provide on-the-job training and motivation to peers, subordinates, and where relevant review their work and evaluate their performance i.e., to provide feedback for Section Heads.
• Communicate and interact with Management across the organization.
• Carry out any other responsibilities/tasks as assigned by the Head of Technology Audit Department, Group Chief Internal Auditor or Head of Corporate Assurance Malaysia from time to time.

Assurance/Advisory Review

• To conduct reviews requiring expertise in technology such as cyber security, infrastructure, digital banking, and other technology related either in assurance or advisory engagement.
• To give do-able and accountable recommendations related to emerging risks related to technology
• To conduct gaps analysis between latest regulations and updates related to technology with the Bank\'s condition.
• To conduct socialization regarding latest trend on technology and emerging risks to internal/external GCAD, on half yearly basis.
• To conduct business monitoring with key stake holders.
• To perform review related to technology in New Products Assessment and give recommendations (if any).

Digital Forensic and Other Investigation related to Technology

• To conduct investigation and forensic, specific to technology related problems and cases in the Bank.
• To analyse the source of the problems related to LED reports and give recommendations as necessary
• To give do-able recommendations and conclude investigation results in an accountable report with valid evidence.
• To ensure proper documentation for every conducted investigation.

Quality Assurance

• To ensure the scope of work of every assignment has included the related significant risks to the specific area.
• To ensure the alignment between the scope of work and the review results.
• To review the quality of technology assurance/advisory documentations and reports have meet the standards.

Centre of Excellence

• To manage the responsibilities as COE related to technology, including providing white papers and other requirements related to COE.
• To give inputs/recommendation within the TA team if any improvement needed related to updated Audit Work Programs, methodologies and other areas.

Coverage

• CyberSecurity, IT Security, Infrastructure, Resiliency, Service Management
• Public facing systems, Payment Systems, and Applications with cyber risks & emerging technology including Digital Banking, Robotics, AI, Big Data & others

Portfolio

• GT Information & Cyber Security
• GT Service Delivery
• Applications with cyber risks
• Emerging technology (Digital Banking), Cloud services & middleware
• Other countries & offices - CIMB SG, CIMB HK, CIMB SH, CIMB VN & CIMB PH

CIMB