Internal Audit - Technical Auditor

at  Binance

Binance is the leading global blockchain ecosystem and cryptocurrency infrastructure provider whose suite of financial products includes the world’s largest digital-asset exchange.
Our mission is to accelerate cryptocurrency adoption and increase the freedom of money.
If you’re looking for a fast-paced, mission-driven organization where opportunities to learn and excel are endless, then Binance is the place for you.

REQUIREMENTS

• Minimum 5 years of experience in technology audit.
• Proven experience auditing IT aspects, including governance, risk management, system and cybersecurity, preferably gained within financial services, payment institutions or from regulators.
• Experience in digital forensics or investigation is highly preferable.
• Experience auditing or working in the First or Second Line of Defense IT, information security and operational risk functions, or experience with payments and international transactions would be advantageous.
• Sound understanding of software development, system architecture, information and cyber security and cloud computing.
• Knowledge of risk based auditing and risk management frameworks (e.g. ISO27001, NIST, COBIT, COSO, SOC2, PCI-DSS).
• Ability to apply analytics, process automation and develop a data-driven internal audit approach.
• Ability to review code (Python, Java, SQL etc.) and develop data analytics solutions is highly desirable but not essential.
• Confident in dealing with senior stakeholders such as Principal engineers, Head of Departments, CISO and CTO.
• Able to work effectively in a fast-changing business environment and manage shifts in priorities.
• Relevant professional certifications or industry accreditations (CISSP, CISM, CISA, CIA, AWS or GCP certifications etc.) would be a plus.
• Degree qualified in computer science, information security, engineering or of a quantitative discipline would be a plus.

• Identify key technology and data risks at the group-wide and local level for each entity, considering relevant strategies and business environment.
• Support the development of the annual audit plan considering the key risks identified.
• Preparation of the annual audit plan and schedules for Central and Regional units.
• Plan, lead and execute audits and evaluate the adequacy of risk management and control for technology and cyber related risks according to established schedule and quality requirements.
• Partner closely with domestic auditors and the CISO to assess and maintain the IT audit universe and provide training, tools and support to non-SME’s.
• Provide SME support to the broader team on technology and cyber risks.
• Keep up-to date with emerging risks and risk best practices.
• Continuously mature CIA’s capabilities and provide insights to key stakeholders.
• Advocate technology advisory services to other BUs to improve the relevancy of the Internal Audit.
• Plan and allocate resources to effectively accomplish the work to meet productivity and quality goals as well as adjust the IT audit plans based on the changing IT controls, risk posture, and/or business priority.
• Build strong audit relationship with key IT Management of the Central office and BUs via regular interaction, informing them of emerging risk issues and other key change controls related to key business processes.
• Draft audit reports and lead discussion of issues and remedial action plans with the appropriate levels of management.
• Facilitate issuance of audit reports to management.
• Lead the team to follow-up outstanding audit issues and monitor timely completion of agreed remedial actions by management.