Analyse and evaluate client’s IT risks and controls, provide IT risk reduction recommendations, and assist in implementing solutions.
Conduct benchmarking and gap analysis with IT risk-related industry frameworks (i.e. NIST, ISO, COBIT, C-RAF etc.) and provide recommendations.
Assist with scoping, financial management, delivery risk management and the initial review of deliverables.
Conduct fieldwork and manage small project teams to deliver value-added assurance services to clients.
Identify and communicate IT audit findings to senior management and clients.
Provide IT general controls and application controls audit support to external audit.
Determine the objectives, scope and extent of each IT audit and ensure that the IT audit is professionally and efficiently completed within deadlines.
Perform security and vulnerability assessment, assist in compliance monitoring review to identify control weaknesses and recommend remedial actions.
Provide an advisory role to business units and IT groups to assess security requirements and controls; to enforce security control policies as planned.

Bachelor’s degree in computer science, Information Management, Accounting, or other related disciplines
5+ years’ working experience within IT Audit, Cybersecurity, IT Information Security or IT Risk; more experienced may be considered for the position of Senior Manager
Professionally qualified in CISA, CPA other specialist skills/qualifications
Strong command of written and oral communication skills (English, Mandarin & Chinese)
Strong teamwork ability and able to work independently
Good interpersonal, communication and problem-solving skills
Frequent travel.

IT Manager / IT Senior Manager, Risk Advisory Services

Key skills