Assistant Manager, Gcad

**Advisory Assignment**
- Carry out advisory assignments according to advisory plan, applicable standards and regulatory requirements.
- Involve in analyzing data for at least one(1) risk factor during micro-risk assessment on annual audit plan.
- Support in the planning and risk assessment relating to each assignment to ensure that the engagement identified potential technical operational and project risks.
- Support in developing and updating the advisory programs, maintaining quality of advisory documentation and active participation in project continuous improvement initiatives.
- Report control weaknesses, risk implications and provide value-add recommendations for improvement.
- Ensure recommendations are clearly communicated and agreed by management and advisory memo/report is issued promptly.
- Ensure advisory work complies with acceptable advisory standards and within stipulated time frame
- Ensure documentation/working papers are accurately and appropriately developed, TeamMate is used effectively and that internal advisory standards are met in carrying out all advisory assignments
- Preparation of timely and quality advisory reports upon completion of advisory fieldwork
- Carry out any other responsibilities/tasks as assigned by the Technology Audit Department Head or Section Head from time to time.

**Administrative & Development**
- Update the advisory programs, maintain quality of advisory documentation and active participation in internal advisory continuous improvement initiatives
- Assist the corporate assurance management with periodic reporting to the Audit Committee and relevant Senior Management Committee and development of the annual advisory plan.
- Ensure compliance with relevant regulatory requirements and adherence to the Group & GCAD P&P

**Collaboration and other responsibilities**
- Communicate and interact with other business auditors across the GCAD organization
- Carry out any other responsibilities/tasks as assigned by the TA Department Head or Section Head from time to time

(Note: For Team Leader role, to manage all aspects of audit assignments, including providing supervision and guidance to team members as well as on-the-job training)

Coverage
- Cybersecurity
- Cybersecurity Technologies (Endpoints, Networks, Cloud)
- Cybersecurity Operations and Functions
- Identity and Privilege Access Management
- Cybersecurity Governance, Risk and Compliance
- Cyber Defense and Security Incident and Response
- Application Security Controls and Practices
- IT Infrastructure
- Operating System (Wintel, Middleware and Mobile OS)
- Servers and Virtualization
- End User Computing
- Databases and Storage
- Data Center and Facilities Management
- Network
- IT Service Management
- IT Asset and Configuration Management
- Incident and Problem Management
- Release and Change Management
- Availability and Capacity Management
- IT Resiliency
- Disaster Recovery
- Backup and Restore
- Business Continuity Management
- Cloud Services
- IaaS, PaaS and SaaS
- Banking Applications
- Public facing systems
- Payment Systems
- Digital Banking
- Mobile Application
- Emerging technologies
- Robotics and Artificial Intelligent
- Big Data and Data Analytic
- E-Wallet
- Internet on Thing (IoT)

Portfolio
- GT Information & Technology
- Cyber Security
- GT IT Service Management
- Group Data
- Group IT Governance, Risk and Compliance
- CISO Office
- Group Business Applications
- Third Party (Technology Principals and Cloud services)
- Regulators (Malaysia and Other Countries)
- Other countries, offices & subsidiaries
- CIMB NIAGA and CIMB THAI
- CIMB SG, CIMB HK, CIMB SH, CIMB VN & CIMB PH
- Touch N Go