Job Postings from MOH Holdings
Assistant Manager, IT Audit (Biz Application System)
This role forms part of the IT Audit team under the Group Internal Audit Division in MOH Holdings.
The successful candidate will be involved in the following areas of responsibilities:
- Review IT application systems including business application systems to assess adequacy of system controls over accuracy, completeness and availability.
- Recommend system control features to enhance productivity without compromising controls.
- Review operating systems and database security as well as IT general controls (e.g. Data Centre operations).
- Participate in System Development Life Cycle (SDLC) review of new system development to provide advice on security and controls during the pre-implementation stage.
- Use of data analytics tool (e.g. Tableau, IDEA) to perform analysis (e.g. Audit Logs)
Responsibilities :
- Degree in Computing or Accountancy.
- At least 4 years' IT audit working experience with Big-4 Accounting firms or large conglomerates.
- Good experience in review of IT application controls, user access management, and/or forensic audit including network security review.
- Practical knowledge of SAP HANA, OBIEE, SQL, RPA (e.g. UI Path) and Oracle databases will be beneficial
- You should be analytical to provide suggestions on good and practical system controls to mitigate IT risks and able to work independently with minimum supervision.
- Basic knowledge of network security and vulnerability assessments
- Knowledge of clinical systems supporting the healthcare operations is an added advantage
- Good written and oral communication skills as well as report writing skills.
- CIA/CISA/CRISC/CISM/CISSP certifications is an added advantage.
Interested candidates can email to Ms. Tay Ya Shuang at yashuang.tay@mohh.com.sg for any queries and to apply.
Date posted: 31 August 2021
Senior Manager, IT Audit (Biz Application System)
This role forms part of the IT Audit team under the Group Internal Audit Division in MOH Holdings.
The successful candidate will be involved in the following areas of responsibilities:
-
To present and communicate with the Audit Committee and Senior Management of the MOHH group of entities on the IT audit findings
-
To assess IT application systems including business application systems (e.g. SAP) and healthcare clinical systems supporting the hospital operations
-
To lead the auditors to carry out audit projects as follows:
-
Application controls (input controls, output controls, application configurations; processing logic and interface controls)
-
Assess adequacy of accuracy, completeness and availability of data
-
Review access controls including SAP Authorisation
-
Using Data Analytics to identify improvements in application design / system transaction flows; or improvement in business processes.
-
Review operating systems and database security as well as IT operational controls (e.g. change controls, computer operations, monitoring controls and .etc).
-
Participate in System Development Life Cycle (SDLC) review to provide advice on security and control features during the development stage including pre-implementation and post-implementation controls.
-
To review the system availability in relation to IT infrastructure setup, disaster recovery plan and readiness in testing.
-
To present and articulate the cyber security observations to senior management.
-
To have good understanding of the cyber security audit methodology and the security defence measures put in place against cyber-security threats
-
Ensures staff compliance with Audit Procedures when reviewing/approving audit plans, working papers, audit reports and other ad hoc assignments submitted by staff.
Job Requirements:
-
Degree in Computing or Accountancy
-
CIA/CISA/CRISC/CISM/CISSP/PMP/Agile certifications is an added advantage.
-
At least 7 years of IT external or internal audit working experience to audit the application systems with big 4 Accounting firms or large conglomerates.
-
Years of IT security implementation experience either from in-house capability; a Service Integrator (SI) environment or from a consulting firm are also welcome.
-
Practical knowledge of Microsoft technologies, open source (e.g. Linux), SAP HANA, OBIEE, SQL, RPA (e.g. UI Path), Oracle, cloud hosting, behavioural analytics, datacentre operations or SaaS (Software As A Service) will be beneficial.
Audit Manager, Cyber Security
We are looking for a dedicated and meticulous cybersecurity specialist to join our growing team. In the role you will operate independently and as part of a team to conduct security audit on our software, hardware, and related components whether they are protected from cyber attacks. After conducting a security audit, you will issue a detailed report that outlines the effectiveness of the system, explains any security issues and suggests changes and improvements.
Job Responsibilities :
-
Plan, execute and lead security audits;
-
Conduct technical audits which include network architecture review, network penetration testing, application penetration testing, and host configuration review;
-
Be familiar with cyber security incidents response process, threat management, SIEM, and other security solutions;
-
Weigh the relevancy, accuracy and perspective of conclusions against audit evidence;
-
Develop rigorous “best practice” recommendations to improve security on all levels;
-
Provide fair and balanced insights into current, emerging and potential issues, trends and opportunities that will enhance efficiency and effectiveness of the control processes;
-
Collaborate with departments to improve security compliance, manage risk and bolster effectiveness;
-
Write report and presentation slides to present the findings and recommendations.
- Undergraduate or master’s degree preferably in one of the following areas: Information Security, Business Management, Information Systems, Computer Science, Engineering, and other related majors.
- Knowledge and 6 - 8 years of hands-on experience with key components of cybersecurity include cyber assessment, network and infrastructure security, threat detection, incident response, vulnerability management, security governance, and risk and compliance.
- Practical experience with conducting cyber assessment and penetration testing.
- Possession of at least one of the following certifications: CISSP, CISA, CISM
- Certified in CREST would have added advantage.
- Excellent interpersonal, written, verbal, communication, and presentation skills.
Interested candidates can email to Ms. Tay Ya Shuang at yashuang.tay@mohh.com.sg for any queries and to apply.
Date posted: 31 August 2021
Disclaimer:
The page contains links to websites which are not operated or controlled by IIA Singapore. IIA Singapore makes no representation or warranty whatsoever in respect of any linked website and shall not be responsible for the content of any linked website. In addition, a link to any non-IIA Singapore website does not imply that IIA Singapore endorses or accepts any responsibility for the content or use of such website. Use of any external website is subject to its terms of service and privacy policy. You are responsible for exercising caution and good judgment when using external websites.