Risk control profiling to strategically identify areas of priority for technology assurance and advisory projects

Oversee the delivery and execution of audit strategy and related plans in accordance with departmental and professional standards

Plan and execute IT infrastructure, applications, process and governance audits of systems

Conduct examinations, evaluations and reviews to ensure the adequacy and effectiveness of internal controls, reliability and integrity of the IT systems; compliance of policies, plans, procedures, and regulations and proper safeguarding of assets

Build and maintain key relationships with line management and related support functions in an advisory role to contribute to the improvement of the control environment

Prepare audit reports and communicate potential risk and controls issues to audit management and other key stakeholders

Apply digital tools and techniques effectively in enhancing the assurance and advisory work

Provide subject matter expertise to proactively advise the team on emerging technology risks, controls and incidents as well as provide coaching on technology assurance

Job Requirements

A good degree preferably with professional certification (e.g. CISA, CISSP, CIA)

Experience in IT internal audit in fund management/ financial services/ investment management sector will be advantageous

Technical and functional auditing experience in IT areas (governance, developments, network/infrastructure security, risk management, outsourcing), cloud and distributed technologies, Web-based technology, mobile applications

Working proficiency /knowledge of deployment of security/discovery tools and sharing collaborative insights to the IS functions

Knowledge of generally accepted IS audit standards, statements, and practices, and IS security and control practices (NIST, ISO27000, SANS etc.)

Experience in performing cybersecurity maturity assessments and providing solutions that optimize security investments while strengthening the Group security posture

Self-discipline to keep abreast with advancements in information, operational and communication technology including telecommunication, cyber security, big data, virtualization and cloud computing as well as systems development methodology

Strong analytical thinking

Ability to work under pressure to meet multiple deadlines and manage diverse team compositions with varied capabilities

Skill in negotiating issues and resolving problems

Good report-writing and communication skills

Overseas travelling will be required