IT Auditor

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As an IT Auditor (For Applications), you will play a crucial role in shaping and executing a risk-based audit strategy, diving into IT audits and risk assessments to evaluate and enhance control effectiveness.

What will you do?

IT Audit and Risk Assessment

• Conduct IT audits, compliance and IT risk assessment primarily in the application areas covering application control, IT general controls, infrastructure controls, and cybersecurity.
• Able to plan and communicate the audit activities with the stakeholders.
• Audit and identify the risk and non-compliances at project sites, evaluate the issue and produce the audit/assessment report.
• Work off-site with different projects during audits/reviews, performing visual and auditory analysis of audit items independently.

Risk Identification and Control Evaluation

• Identify and evaluate complex technology and business risks and internal controls designed to mitigate these risks.
• Assess the discovered non-compliant issues in application design and operating effectiveness of controls in mitigating IT risks.
• Analyse the issue deficiencies, determine the impact, and provide guidance to the remediation.
• Recommend opportunities for internal control improvement based on risk evaluations.
• Where required, do research to support the internal compliance improvement plans for the company.

Audit Reporting and Stakeholder Management

• Provide audit report covering audit findings, root cause and recommendations for improvements.
• Present audit findings to senior stakeholders, both internal and external, clearly and professionally.
• Follow up with project teams to ensure that root causes are addressed and that corrective actions are implemented effectively.

The ideal candidate should possess:

• Minimum 5 years of ICT experience, preferably with a few years in ICT audit and/or Risk Assessment.
• Relevant IT audit certifications such as CISA, CISM, CISSP, CRISC, and/or ISMS Lead.
• Good understanding of SOC 1 and SOC 2, COSO, COBIT, ISO/IEC 27000, CIS or equivalent standards.
• Experience in requesting and inspecting application and IT systems artefacts during audits/reviews.
• Ability to work independently in field audits, performing visual and auditory analysis of audit items.
• Experience in audit field work including IM8 audit (for Applications).
• Strong understanding of complex business and IT processes, and their related risks.
• Must have knowledge on application development and design, network, IT operation processes and cybersecurity.
• Prior experience in project management, application development, and cloud application development throughout the project lifecycle, including both traditional SDLC and Agile methodologies, or in infrastructure implementation and operations.
• Comprehensive knowledge of application development, design, network, IT operations processes, and cybersecurity.
• Self-motivated and proactive attributes, with the ability to deliver quality and thorough audit work, with an eye for detail.
• Keen attention to detail and patience in producing reports and documentation.
• Good written and verbal communication and presentation skills.
• Degree in IT, Computer Science or any other related field.
• Experience working in Big Four audit firm, handling IT audits (has an added advantage).

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.

Together, we make the extraordinary happen.