• 4-7 yrs exp. in IT audit/ IT risk control • CISA certification • ACL, SAS, MS Access
- Participate in the development and maintenance of audit methodology and procedures to provide independent assurance including but not limited to areas of processes, operations, infrastructure, network, outsourcing and security management.
- Lead/Participate in the audit process and procedures to provide independent assessment of IT activities, and evaluate the governance framework, risk management, regulatory compliance processes and internal controls systems.
- Lead/Participate in the special assignments (e.g. investigations and ad hoc/special projects).
- Act as business partner to Information Technology Division and other internal auditors to keep abreast of major developments/ updates to ensure understandings, efficiency and effectiveness of working practices and monitor the implementation and progress of audit recommendations.
- Bachelor degree in Computer Science, Computer Engineering, Information System or related disciplines with CISA certification
- Minimum 4-7 years of experience in IT audit/ IT risk control functions preferably in financial industry
- Certification in CISSP or other IT security qualification is preferred
- Sound knowledge of auditing requirements of banking industry and external applicable rules and regulations
- Experience in developing computer assisted audit technique using ACL, SAS, MS Access
- Strong analytical, organizational and communication skills
- Good command of English (Oral & Written) and Cantonese
- Willing to travel to PRC and Macau