Role & Responsibilities:
- Lead, and conduct audit assignments and to control assessments involving Information Technology (IT) applications and infrastructure controls to ascertain control effectiveness and provide recommendations for areas of improvements, these include;
- Perform pre and post- implementation reviews of system implementations or enhancements;
- IT security audits (e.g. network, operating system and data center), including evaluating if security vulnerabilities are properly identified and mitigated.
- Evaluate information general computing controls and provide value added feedback. Test compliance with those controls;
- Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate;
- Conduct project reviews of critical IT development programmes to ascertain adequacy of project and change management processes for effective implementation;
- Track and follow up open audit/regulatory issues related to IT to ascertain that they are timely and satisfactorily rectified;
- Provide Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security;
- Responsible for developing and maintaining the IT Risk Assessment; including identifying areas where business units should consider additional investment and areas internal audit should focus;
- Provide internal audit service through analyzing company server systems and multi-platform systems while providing business insights through visualisation, trend and correlation analysis and data mining to the company and develop internal work plans and project approaches;
- Develop, build & implement tools to analyse data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
- University graduate in IT, Computer Science, Accounting, or related disciplines;
- 7 years’ experience in internal/external IT audit or IT risk management;
- Qualifications in information systems, operations or accounting highly regarded (e.g. CISA, HKICPA);
- Prior position in IT Governance/IT Audit – internal audit or external auditing firm;
- Sound knowledge of IT application and infrastructure controls;
- Thorough understanding of risk assessment practice and internal control concept. With the ability to formulate practical audit procedures for evaluating the company's internal business procedures, functions and other specific areas;
- Good analytical, interpersonal and communication skills;
- Good report writing skills in English and Chinese.
- The following relevant experience is preferred:
- Hands on experience in doing SQL programming and conducting data mining, as well as conducting query performance and tuning, using Oracle database, MS SQL-Server, MS Access, and/ or SAS;
- Experience in data analytics/process analytics/retail analytics, data modelling, data mining, database management, business intelligence implementation and development of data warehouse ETL process;
- Hands on experience in any of the following scripting languages: Python, R, Visual basic;
- Hands on experience in any of the business intelligent and analytics tools such as Qlikview, Tableau, SAS, IDEA, ACL, Oversight Systems, SAP BI, etc.
Please send full resume, current and expected salary, contact number and address to the Recruitment Manager, 29/F, New World Tower, 18 Queen's Road Central, Hong Kong or email to email@example.com.
(Personal data collected will be used for recruitment purpose only)
and follow us on our New World Talent Facebook page!