Senior Manager (IT Audit)

The successful candidate will report to the Head of Internal Audit Department and have the following responsibilities:

• Identify, analyze, and evaluate IT risks covering IT governance, operational and security risks in the Group
• Review and assess the effectiveness, adequacy, and efficiency of controls related to IT security, operations, and cybersecurity risks
• Formulate an audit strategy, develop annual audit plans and determine the audit methodology
• Lead, plan, and execute in-depth audit reviews, consultative reviews, and other ad-hoc projects
• Identify root causes to the issues and make practical recommendations to senior management on how to address the issues identified
• Prepare and present audit reports to senior management
• Monitor and validate the implementation status of audit recommendations through regular reviews and proactive interaction with management
• Provide additional support and consultation services
• Continuously review key IT-enabled business initiatives and projects

Requirements:

• Degree in IT, Computer Science, Accounting, or related disciplines
• At least 10 years’ experience in IT audit / cybersecurity audit gained in external / internal audit field
• Professional qualifications in information systems (e.g., CISA, CISSP, etc.)
• Sound knowledge of IT governance standard (e.g., COBIT 2019), IT security standard (e.g., ISO27001), cybersecurity standard (e.g., NIST Cybersecurity Framework), and software development framework (e.g., Scrum Master) would be an advantage
• Sound knowledge of penetration test, vulnerability assessment (web application, mobile application and network and system infrastructure) with hands-on experience in ethical hacking tools (e.g., Kali, Metasploit, AppScan / OWASP Zap / Accunetix, Nessus etc.)  
• Qualifications in penetration test (e.g., OSCP, OSWE, CREST (CCT Web App), CREST (CCT Infra), eCPPT, eWPT, CRTP, CRTE, or equivalent) would be an advantage
• Committed to continuous development of knowledge in regulatory requirements, relevant industry / professional standards, best practices, tools and techniques
• Good report writing skills in English and Chinese
• Candidate with less experience will also be considered as Manager (IT Audit)
   

We offer attractive remuneration packages commensurate with experience and qualifications. If you aspire to an exciting and rewarding career, send your resume immediately, quoting your present and expected salaries by clicking the button Apply Now .

If the applicant does not receive a response by 18 June 2023, the application will be considered unsuccessful.Before submitting your application, please read the Personal Data (Privacy) Policy and Personal Information Collection Statement at our Company website. Information provided by applicants will be treated in strict confidence and used for recruitment purposes only.