Senior Manager, Internal Audit

JOB DESCRIPTION

• Risk control profiling to strategically identify areas of priority for technology assurance and advisory projects.

• Oversee the delivery and execution of audit strategy and related plans in accordance with departmental and professional standards.

• Plan and execute IT infrastructure, applications, process and governance audits of systems

• Conduct examinations, evaluations and reviews to ensure the adequacy and effectiveness of internal controls, reliability and integrity of the IT systems; compliance of policies, plans, procedures, and regulations and proper safeguarding of assets.

• Build and maintain key relationships with line management and related support functions in an advisory role to contribute to the improvement of the control environment.

• Prepare audit reports and communicate potential risk and controls issues to audit management and other key stakeholders.

• Apply digital tools and techniques effectively in enhancing the assurance and advisory work.

• Provide subject matter expertise to proactively advise the team on emerging technology risks, controls and incidents as well as provide coaching on technology assurance.

JOB REQUIREMENTS

• A good degree preferably with professional certification (e.g. CISA, CISSP, CIA).

• Experience in IT internal audit in fund management/ financial services/ investment management sector will be advantageous.

• Technical and functional auditing experience in IT areas (governance, developments, network/infrastructure security, risk management, outsourcing), cloud and distributed technologies, Web-based technology, mobile applications.

• Working proficiency /knowledge of deployment of security/discovery tools and sharing collaborative insights to the IS functions.

• Knowledge of generally accepted IS audit standards, statements, and practices, and IS security and control practices (NIST, ISO27000, SANS etc).

• Experience in performing cybersecurity maturity assessments and providing solutions that optimize security investments while strengthening the Group security posture.

• Self-discipline to keep abreast with advancements in information, operational and communication technology including telecommunication, cyber security, big data, virtualization and cloud computing as well as systems development methodology.

• Strong analytical thinking.

• Ability to work under pressure to meet multiple deadlines and manage diverse team compositions with varied capabilities.

• Skill in negotiating issues and resolving problems.

• Good report-writing and communication skills

• Overseas travelling will be required.

#LI-SN1

BUSINESS SEGMENT

PLATFORM