Senior Audit Manager, Technology & Architecture

Job Summary

The Group Internal Audit (GIA) in Standard Chartered Bank is looking for a Senior Technology Professional with Risk and Control mindset to join the Technology & Architecture (T&A) audit team. We are looking for talent to lead and deliver the audit work covering key risks of Technology Architecture and Infrastructure, including Information Technology Infrastructure Library (ITIL) and processes (IT Incident Problem &Change, Asset Management and Technology Operations). The incumbent will also support T&A Head of Audit(HOA) in writing audit opinion summarising the audit work for the risk committee papers and to the Board Audit Committee.  Ideal candidate should have minimum of 12 years of hand-on experience in implementing and running technologies operations and must have in-depth technical knowledge on Platforms, Network, Databases, Storage, Cloud and Emerging Technologies. A strong communicator, both written and verbal, with ability to clearly explain technical issues to senior technology leaders and write audit issues, reports, and opinions in simple English.  Team Leader who provide coaching and mentoring to team members and lead technical auditors to deliver audits covering enterprise wide technologies. Strong analytical skills with hands-on experience on SQL, Python, Power BI, Tableau

Key Responsibilities

Strategy

• Build relationship with Senior Technology Leaders to gain and share insights on the current and future T&A strategy and roadmap. 
• Support the T&A HOA in keeping up with the key changes within T&A portfolio and perform risk assessments to identify key areas for audit coverage.
• Support the T&A HOA in developing and implementing a training plan for the team to ensure that team has appropriate skills to cover the T&A portfolio. 
• Provide clear, effective supervision and leadership to the audit teams and champion the implementation of the strategy.
• Carry out their role in line with the Audit Charter and remain independent from management and free from interference.

Audit Delivery

• Act as Team Manager to lead the delivery of high risk audits of enterprise wide technology and work with other GIA technology and business teams when required.
• Execute audit work and issue validation in an efficient and effective manner, within the given budget and timelines.
• Provide clear guidance, detailed review, and supervision of the audit team’s work, so that audit deliverables meet quality standards.
• Clearly identify the risks and impact of issues during issue writing, agreeing these issues with management and obtaining quality management action plans to mitigate the risk.
• Provide guidance to the team on business / audit technical knowledge and management skills.
• Champion innovation and increase the use of leading edge methods, such as artificial intelligence and data analytics, in audit assignments.
• Track the implementation / delivery of the agreed issues and action plans for the audits assigned, understanding the key risks arising, provide advice on resolution of issues to auditees/action plan owners and escalate audit findings that remain unresolved

Business

• Continuously engage with Technology Business Units (BUs) Leads to gain insights on the key technologies that are getting introduced in the Bank and support the business by sharing opinion when requested.
• Monitor the progress of key Technology Transformational programmes and provide insights to Heads of Audit on the programme development, and key Risk and Control topics. 
• Perform, support, or lead the planning, fieldwork, and reporting of internal audit engagements to deliver agreed assurance objectives to established GIA standards and timelines.
• Deliver audits / assignments within budget and drive efficiency to support cost save objectives.

Skills and Experience

• Strong understanding of IT infrastructure components, including servers, networks, databases, and cloud services.
• Knowledge of cybersecurity principles, frameworks, and best practices.
• Proficiency in audit tools and techniques.
• Analytical Skills: Excellent analytical and problem-solving abilities with a keen attention to detail.
• Communication Skills: Strong written and verbal communication skills to effectively convey audit findings and recommendations.
• Interpersonal Skills: Ability to work collaboratively with cross-functional teams and build strong relationships with stakeholders.
• Professional Certifications: Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), or Certificate of Cloud Auditing are highly desirable.
• Familiarity with regulatory requirements and industry standards (e.g., ISO 27001, GDPR, SOX) 

Qualifications

• Education: Bachelor's degree in Information Technology, Computer Science, Information Systems, or a related field. A master's degree is a plus
• Experience: Minimum of 12 years of hands-on experience in implementing and running technologies operations and must have in-depth technical knowledge on Platforms, Network, Databases, Storage, Cloud and Emerging Technologies
• Strong understanding of IT infrastructure components, including servers, networks, databases, and cloud services.
• Knowledge of cybersecurity principles, frameworks, and best practices.
• Proficiency in audit tools and techniques.
• Analytical Skills: Excellent analytical and problem-solving abilities with a keen attention to detail.
• Communication Skills: Strong written and verbal communication skills to effectively convey audit findings and recommendations.
• Interpersonal Skills: Ability to work collaboratively with cross-functional teams and build strong relationships with stakeholders.
• Professional Certifications: Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), or Certificate of Cloud Auditing are highly desirable.
• Familiarity with regulatory requirements and industry standards (e.g., ISO 27001, GDPR, SOX)