Responsible for managing and executing technology and integrated audit assignment. Areas of focus of this role is placed on the audit coverage in relation to technology infrastructure and cyber security related risk.
- Perform, support or lead where directed, the planning, fieldwork, and reporting of audit activities in accordance with department and professional standards, and complete assignments in an efficient manner
- Acts in an integrated manner with audit colleagues and stakeholders, and demonstrates a proactive and engaging approach during audit cycle
- Perform follow up, tracking, validation and reporting of audit issues
- Highlight forward looking indicators of potential risks within the areas assigned through performing continuous monitoring/auditing activities
- Execute risk assessment, and obtain understanding of business strategy, plans, products, performance and risk-related issues to assist audit planning
- Assist in preparing accurate and timely management reporting
Qualifications and Key Requirements
- Bachelor’s degree in a related discipline and relevant professional qualification such as CIA, CCSP, CISM, CISA, CISSP
- Minimum 7 years experience in IT security or risk and control functions, preferably from financial services or banking industry
- Strong innovative and agile mindset; Flexibility to work across different situations and change priorities at short notice
- Solid knowledge and/or practical experience on cyber security and infrastructure security, good understanding of related regulatory expectations and framework
- Good understanding of the technology best practice (e.g. ITIL, COBIT, ISO2700) and regulatory framework, and general understanding of banking products
- Experience in planning and executing audits in accordance with professional standards, and with minimal supervision
- Enthusiastic, self-motivated, strong interest in learning, effective under pressure and willing to take personal responsibility / accountability
- Strong analytical and communication skills with good reports writing skills
- Good command of English and Chinese, knowledge of Putonghua is an advantage
To apply, please submit your CV with current & expected salary and availability. Applicants who are not contacted within one month may consider their applications for the specified position unsuccessful.
All information provided by applicants will be used only for recruitment purposes and will be used strictly in accordance with the Bank's personal data policies, a copy of which may be obtained by the applicant upon request. Unless otherwise instructed in writing by the applicant concerned, applicants may be considered for other suitable positions within the Bank. The personal data of unsuccessful job applicants may be retained for a maximum of two years from the date when the job application is rejected and such data may be retained for a longer period if there is a subsisting reason that obliges the Bank to do so, after which the personal data will be destroyed.