A leading insurance firm is seeking a skilled IT Audit professional to join their dynamic team.
As a member of the regional IT audit resource pool (located in Hong Kong), responsibilities include:
- Collaborating with the IT Audit Director to create and consistently review a 6-month risk-based audit plan for the IT portfolio, aligning with business unit strategy.
- Executing and overseeing the completion of a range of audits within the area of responsibility following the agreed audit plan, and continuously ensuring alignment between audit and business strategies.
- Supporting the Audit leadership team in carrying out various continuous improvement, administrative, and reporting tasks to meet stakeholder requirements.
- Maintain a strong working relationship with Audit Directors and other members of the Internal Audit team.
- Manage portfolio and stakeholder relationships - Key expectations include building and maintaining positive working relationships with technology stakeholders as part of ongoing monitoring and risk assessment activities.
- Line/people management responsibilities - Focusing on development and coaching.
- Contribute to the creation of the annual audit plan in collaboration with colleagues and business line management. Clearly communicate specialist audit and resource needs to Technical Leads.
- Individually and collectively responsible for scheduling the resources for the Audit Plan.
- Oversee a range of diverse audit assignments, ensuring they are completed within time, quality, and budget constraints.
- Lead and support audits, discussing audit reports and findings with Management to guarantee appropriate responses are obtained for each issue raised in the report. As a lead, review audit working papers following the audit methodology.
In addition to a technology degree, the candidate should have relevant technical certification in Cloud or Software Engineering.
A minimum of 5-8 years of relevant technical experience in Cloud or Software Engineering (including DevOps or DevSecOps) is required.
Expertise in control, security, and management of one or more of the following areas:
- Cloud (PaaS, IaaS, and SaaS)
- Software engineering (including agile development), familiarity with DevOps and DevSecOps, and usage of APIs in development
- Robotic process automation
- Cybersecurity (NIST framework, security tools)
Knowledge of emerging technologies and related risks (e.g., blockchain, Internet of Things, robotics)
Recognized as a subject matter expert in their functional area and often sought after for advice or consultation
Besides regular audit work, has delivered impactful initiatives or products that improved the function (e.g., automating a manual process or developing an automated dashboard for more efficient risk identification)
Coding background or data analytics capability (familiarity with tools such as Python, SQL)
Good connections with people in the industry (to stay informed on developments in a rapidly changing IT world)