Senior Manager, IT Audit
HK-AIA Building (AIA HK), Hong Kong
AIA
AIA provides insurance solutions to both individuals and businesses. Find out more about our services and latest updates.FIND YOUR 'BETTER' AT AIA
We don’t simply believe in being ‘The Best’. We believe in better - because there’s no limit to how far ‘better’ can take us.
We believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. So that together we can support even more people - including our own - to live Healthier, Longer, Better Lives.
If you believe in better, we’d love to hear from you.
About the Role
- To provide value-adding independent audit services to the Audit Committee, Group Office, senior management and the regulator on the company’s capacity to manage risk and to provide reasonable assurance that the system of internal controls, as designed, is achieving its objectives.- To assist in the development, and complete the annual audit plan, which will be approved by the AIA Group and local Audit Committee.
- Lead/facilitate discussion of issues and remedial action plans with the appropriate levels of management
- Follow-up outstanding audit issues and monitor timely completion of agreed remedial actions by management
- Lead or participate in other ad-hoc or specialized assignments as required.
Roles and Responsibilities:
- Plan, lead/support and execute IT audits within the organization in accordance with the annual audit plan approved by the Group and Local Audit Committee. Review and co-ordinate the work of the team members and ensure that the working papers, draft audit reports and other deliverables meet internal standards and assignments are completed within budgeted time.
- Partner with local business auditors and intra Group colleagues to assess application IT controls related to key business processes and to devise and execute audit test steps.
- Build audit relationship with key IT Management and other stakeholders via regular interaction to maintain the IT audit universe and list of critical. systems, and to develop and to deliver the IT audit plan.
- Communicate the results of IT audits and other assignments via written reports and oral presentations, and provide professional advice and insights in order to enable informed management decisions.
- Follow-up outstanding audit issues and monitor timely completion of agreed remedial actions by management.
- Liaise with external auditors and regulatory inspectors on IT audit related matters.
Minimum Job Requirements:
Experience/Qualifications
- University graduate in IT or Computer Science or equivalent.
- Minimum 10 years of IT audit, technology risk or security risk management experience.
- Certificate holder of Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA) and/or Certified Information Security Manager (CISM) with good understanding in IT controls and risks.
- Experience in a large financial services organization would be advantageous but not necessary.
Knowledge
- Proven experience in IT infrastructure and application audits. Specialty experience on IT audit topics such as Cloud Computing is an advantage.
- Strong record of managing the IT audit portfolio for a business unit, and provide structured support to business auditors in identifying, testing and reporting on automated application controls.
- Manage, execute and complete the assigned engagements in accordance with the GIA Standards and quality assurance review (“QAR”) requirements
- Knowledge in data analytics tools, scripting as well as all data analysis and visualisation functions would be an advantage.
Other skills
- Good command of both oral and written English, and demonstrated ability to present to senior management on audit findings and topics.
- Demonstrable experience managing relationships with senior management and in complex organisation structures.
- Ability to direct and drive multiple engagements simultaneously
- Ability to work under pressure and meet milestones within time, cost and quality constraints.
Others:
- You are required to obtain the relevant license(s) if your job involves regulated activities
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits CISA CISM CISSP Cloud Computer Science Data Analytics IT infrastructure Risk management Scripting
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.