IT Audit Senior Specialist | Technology Risk

Company Description

Life at Grab

At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

Job Description

Get to know our Team:

Grabber Technology Services (GTS) aims to be a technology leader that provides predictive and seamless experiences to all Grab employees (Grabbers). We are a diverse team of technology practitioners looking to out-serve Grabbers with positive, personalised IT experiences. We are looking for individuals with similar customer-centric and innovative values to join our growing team. 

Get to know the Role:

The GTS Governance Specialist reports to the Governance Leader. The Governance team is the trusted IT Risk advisor and partner to ensure the appropriate IT Risk and controls are in place.

The Day-to-Day Activities:

• Support Governance Leader in the GTS Governance program to roll out the right level of IT controls required for the overall Grab and GTS IT Risk Management framework and processes.
• Improve and maintain GTS IT Risk Management framework and processes, including alignment to Grab ERM framework and processes
• Take lead in the development, review and reporting of key IT risk exposures and metrics (e.g. KRIs and KPIs), and provide independent reporting on the IT risk posture or activities to the management team and stakeholders (e.g. second line of defense)
• Conduct IT risk assessments; identify and assess IT risks, evaluate countermeasures and recommend effective controls to mitigate IT risks.
• Monitor IT risks, map risk profiles and manage the IT risk register,
• Develop and maintain excellent working relationships with risk owners, and manage risks to minimize impact from incidents, breaches or non-compliance
• Deliver technology risk oversight using data-driven risk reports and ensure maintenance of IT risk register
• Identify and implement initiatives to promote and uplift the IT Risk Management culture in GTS
• Conduct regular communication and refresher trainings to maintain a good level of IT risk awareness
• Assist with the management and coordination of audits (e.g. IT SOX)
• Perform ad-hoc independent thematic reviews on IT processes to uncover issues and follow through with the remediation action plan.
• Provide ad-hoc due diligence and advice on IT Risk topics for Merger and Acquisition (M&A) as needed

Qualifications

The Must-Haves:

• At least 3 years of relevant experience in IT Governance, Risk Management and Controls
• Experience in Enterprise IT Governance including IT risk management and controls using COBIT (COBIT 5 or COBIT 2019) framework in highly regulated environments. 
• Excellent business acumen, commercial and analytical skills to negotiate and influence stakeholders. 
• Excellent problem-solving, critical thinking and applying sound project management to assigned work. 
• Excellent communication (written, verbal and presentation) and interpersonal skills 
• Ability to work independently on semi ambiguous tasks with limited supervision 

The Nice-to-Haves:

• CISM or CISA or CRISC certifications
• COBIT 2019 Foundation Training

Additional Information

Our Commitment

We recognize that with these individual attributes come different workplace challenges, and we will work with Grabbers to address them in our journey towards creating inclusion at Grab for all Grabbers.