IT Auditor (Permanent) IT Auditor (Permanent) …

in Hong Kong
Permanent, Full time
Last application, 09 Oct 20
in Hong Kong
Permanent, Full time
Last application, 09 Oct 20
This is an in-house permanent role Plan and execute audit assignments Looking for someone from technical background with Audit experience CISA/CISM/CISSP preferred


  • Conduct Information Technology and Cybersecurity audit work in accordance with the department’s methodology and ensure high standard of deliverables
  • Contribute to the ICT risk assessment of audit universe establishing a reliable communication channel with the auditees.
  • Follow through with auditee on implementation of recommendations
  • Participate in the audit team assignments and special reviews (when required by regulators, business lines, or senior management)
  • Plan and Prepare the Audit assignment e.g. understanding the methodology to be applied, acquiring a deep knowledge of the activities to be covered, understanding the detailed technologies, gathering relevant key figures etc.
  • Develop a thorough understanding of the activities within the scope of the assignment, its strategy and governance, and the related risks.
  • Evaluate the overall setup and identify the main areas of risk (including a comprehensive assessment of the management actions).
  • Execute detailed investigations leveraging on a strong technical knowledge in various IT systems (Databases, Operating systems Linux/Windows, Cybersecurity/Network security, Virtualization, containerization, Cloud Computing and related risks)
  • Leverage on adequate programming languages and scripting to perform efficient investigations by automating analysis.
  • Recommend appropriate actions to the management in order to remediate the identified weaknesses.
  • Present the conclusions of the assignment fieldwork to the senior management.
  • Perform a periodic and comprehensive risk assessment of the IT activities as per the Group guidelines.
  • Keep abreast of change/new development of regulatory requirements that are relevant to IT activities and related functions.
  • Assist in the elaboration of the IT audit planning following a risk-based approach.



  • Bachelor’s / Master’s Degree in Information Technology/ Management Information System/ Computer Science and related discipline
  • Strong background and experience in external auditing/ internal auditing/ IT/ risk/ compliance/ internal control/ operations in the financial services industry.
  • Strong expertise in Cybersecurity (IT security hands-on experience is a plus)
  • Relevant Certification in Audit, e.g. CISA, CISSP, CISM, CCSP is a plus
  • Outstanding analytical skills
  • Excellent writing and presentation skills (in English)
  • Ability to work effectively under pressure and within short deadlines


To apply, please drop an email to Andrew ( with your resume. Thank you


NLS logo
More Jobs Like This
See more jobs