Vice President - IT (IT Compliance and Risk Management)
Job Responsibilities: - Identify and assess overall IT risks and develop relevant mitigation actions
- Review key controls in critical IT processes
- Identify compliance and control issues and recommend remedial actions
- Prepare management briefings on IT compliance and risk management matters
- Oversee IT Compliance and Risk Management team to develop and enforce IT related policies and standards
- Develop IT compliance review plan based on industry methodologies, standards and industry practices
- Assess adequacy and effectiveness of internal controls, including general IT and application controls
- Design and implement automated compliance monitoring and analysis tools/ solutions
- Lead compliance working group and coordinate with IT teams to address control weaknesses
- Track, follow-up and report implementation status of remediation actions and prepare management updates
- Organize staff training programme to improve IT compliance maturity
Job Requirements: - University graduate in information technology, information security or related disciplines
- Minimum 13 years of relevant experience in technology audit, risk and compliance with a minimum of 5 years at managerial position
- Experienced in managing compliance or technology audit teams
- Good knowledge of COSO, ITSM, COBIT, PMBOK, system development life cycle, and key IT processes
- Demonstrate track records in managing IT compliance programme in large-scale financial services organisation
- Being articulate in compliance concepts and issues to management
- Hands-on experience in using technologies to implement compliance solutions (e.g. compliance analytics)
- Holder of relevant professional certificates - CISA, CISSP, etc. is an advantage
- Strong problem solving, analytical, communication and collaboration skills
- Excellent command of both written and spoken English and Chinese
Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX
