IT Auditor - APAC

Why Binance

• Shape the future with the world’s leading blockchain ecosystem
• Collaborate with world-class talent in a user-centric global organization with a flat structure
• Tackle unique, fast-paced projects with autonomy in an innovative environment
• Thrive in a results-driven workplace with opportunities for career growth and continuous learning
• Competitive salary and company benefits
• Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.

Responsibilities

• Identify key technology and data risks at the group-wide and local level for each entity, considering relevant strategies and business environment.
• Support the development of the annual audit plan considering the key risks identified.
• Preparation of the annual audit plan and schedules for Global and Regional units.
• Plan, lead and execute audits and evaluate the adequacy of risk management and control for technology and cyber related risks according to established schedule and quality requirements.
• Provide SME support to the broader team on technology and cyber risks.
• Keep up-to-date with emerging risks and risk best practices.
• Advocate technology advisory services to other BUs to improve the relevancy of the Internal Audit.
• Plan and allocate resources to effectively accomplish the work to meet productivity and quality goals as well as adjust the IT audit plans based on the changing IT controls, risk posture, and/or business priority.
• Build strong audit relationship with key IT Management of the Central office and BUs via regular interaction, informing them of emerging risk issues and other key change controls related to key business processes.
• Draft audit reports and lead discussion of issues and remedial action plans with the appropriate levels of management.
• Design and maintain automated scripts (using Python) for data extraction, transformation, and analysis in support of audit engagements.
• Write complex SQL queries to retrieve, manipulate, and analyze large datasets from various systems (ERP, CRM, cloud platforms, etc.) for audit purposes.
• Facilitate issuance of audit reports to management.
• Lead the team to follow-up outstanding audit issues and monitor timely completion of agreed remedial actions by management.

Requirements

• Minimum 5 years of experience in technology audit.
• Proficiency in Python (e.g., pandas, numpy, automation scripting) and SQL (complex querying, data analysis).
• Proven experience auditing IT aspects, including governance, risk management, system and cybersecurity, preferably gained within financial services, payment institutions or from regulators.
• Experience in digital forensics or investigation is highly preferable.
• Experience auditing or working in the First or Second Line of Defense IT, information security and operational risk functions, or experience with payments and international transactions would be advantageous.
• Sound understanding of software development, system architecture, information and cyber security and cloud computing.
• Knowledge of risk based auditing and risk management frameworks (e.g. ISO27001, NIST, COBIT, COSO, SOC2, PCI-DSS).
• Ability to apply analytics, process automation and develop a data-driven internal audit approach.
• Confident in dealing with senior stakeholders such as Principal engineers, Head of Departments, CISO and CTO.
• Able to work effectively in a fast-changing business environment and manage shifts in priorities.
• Relevant professional certifications or industry accreditations (CISSP, CISM, CISA, CIA, AWS or GCP certifications etc.) would be a plus.
• A degree in computer science, information security, engineering or of a quantitative discipline would be a plus.