Senior Specialist, Technology Audit

GX Bank Berhad - the Grab-led Digital Bank - is the the FIRST digital bank in Malaysia, approved by BNM to commence operations. We aim to leverage technology and innovation to serve the financial needs of the unserved and underserved individuals, and micro and small medium enterprises.

We are driven by our shared purpose and passion to bring positive transformation to the banking industry, starting with solutions that addresses the financial struggles of Malaysians and businesses.

• Planning and executing end-to-end technology audits, including risk assessment, scoping, fieldwork and reporting, in line with internal policies and procedures, regulatory requirements and industry best practices.
• Developing and executing data-driven audit programs that assess IT governance, cybersecurity, cloud environments, infrastructure, data management, systems development and business continuity risks.
• Staying current with regulatory developments and Bank Negara Malaysia’s IT-related regulations and guidelines, and incorporating them into audit focus areas.
• Leveraging data analytics and automation tools (e.g., Power BI, Tableau, SQL, Python) to enhance audit efficiency and control testing.
• Supporting the Head, Technology Audit and participating in the Core Internal Audit Management Team, contributing to strategic and operational initiatives.
• Collaborating with audit team members, leading discussions, providing quality assurance over work papers and guiding junior staff throughout the audit lifecycle.
• Presenting clear and impactful findings to senior stakeholders and following up on remediation efforts to ensure timely closure of issues.
• Drafting audit reports that are concise, risk-focused and aligned with Internal Audit methodology.
• Participating in or leading ad hoc reviews, thematic audits or special investigations as required.
• Proactively escalating significant control gaps or emerging risks to senior management.
• Building strong, collaborative relationships with business and technology stakeholders, acting as a credible risk advisor.
• Continuously improving internal audit practices, particularly in areas of data analytics, audit automation and emerging technology risk coverage.

• Bachelor's degree in Computer Science/ Information System (or equivalent) or higher from a globally recognised institution.
• Related certifications (i.e. CISA, CISSP, CIA, CRISC, AWS Certification or similar) are preferred.
• Minimum 8 years of audit experience in IT/ Technology audit, Information & Cyber Risk Management, Digital Platforms and Technology Risk functions, preferably in the financial services sector.
• Strong understanding and hands-on experience with IT audit frameworks, risk and control assessment methodologies, and Agile audit techniques.
• Solid grasp of modern and emerging technologies including cloud infrastructure (AWS), DevOps/CI-CD practices, API security, data governance and service-oriented architectures
• Familiarity with regulatory requirements and industry standards such as BNM RMiT, MAS TRM, ISO 27001, NIST, COBIT and ITIL.
• Demonstrated ability to independently develop and execute audit plans, evaluate control effectiveness and identify areas for improvement with risk-based focus.
• Ability to use data analytics tools (e.g., Power BI, Tableau, SQL, Python, ACL) and the ability to integrate analytics into audit testing and reporting is preferable.
• Excellent written and verbal communication skills, with the ability to clearly present complex audit findings to senior stakeholders. High level of initiative, integrity, and independence, with the ability to thrive in a fast-paced, VUCA startup environment.
• Strong interpersonal skills and the ability to build trusted relationships with stakeholders across business and technology teams.
• A continuous improvement mindset with a passion for innovation, learning, and delivering value-added insights.