Director / Senior Manager - IT Audit

A leading organisation in Hong Kong is seeking a Director of Information Technology Audit to play a pivotal role in shaping and safeguarding its digital landscape.

Responsibilities

• Develop comprehensive cyber risk mitigation plans that align closely with the organisation’s established enterprise risk management framework, ensuring all digital assets are protected against evolving threats.
• Affirm the implementation of effective security measures, policies, and procedures by working collaboratively with various teams to safeguard sensitive information and organisational resources.
• Continuously monitor and evaluate the effectiveness of existing cyber risk mitigation efforts, providing detailed reports and actionable insights directly to senior management and the board of management.
• Provide expert assistance and guidance to other departments, nurturing a culture of advanced security awareness among employees through regular engagement and educational initiatives.
• Collaborate proactively with both internal and external auditors to facilitate thorough security audits and assessments, ensuring full compliance with cybersecurity standards and best practices.
• Stay informed about emerging trends in cybersecurity technologies, maintaining up-to-date knowledge that enables you to anticipate potential risks and recommend timely solutions.
• Evaluate new technologies for their applicability within the organisation, conducting rigorous assessments of their potential benefits before making strategic recommendations for adoption.
• Lead cross-functional projects aimed at enhancing overall security posture while fostering strong interdepartmental relationships built on trust and mutual respect.
• Champion initiatives that promote inclusivity, knowledge sharing, and collective responsibility for information security throughout the organisation.

Requirements

• Extensive experience developing and implementing cyber risk mitigation strategies within large-scale organisations or complex environments.
• Proven track record affirming the deployment of effective security controls, policies, and procedures tailored to diverse operational needs.
• Strong background in monitoring cyber risk management activities, including evaluating outcomes and preparing comprehensive reports for executive audiences.
• Demonstrated ability to collaborate effectively with cross-functional teams as well as internal and external auditors during security assessments.
• Up-to-date understanding of emerging cybersecurity technologies coupled with sound judgement regarding their relevance for organisational adoption.
• Exceptional interpersonal skills that enable you to nurture a culture of heightened security awareness among colleagues from varied backgrounds.
• Experience leading projects focused on technology evaluation, strategic recommendation formulation, and successful implementation within dynamic settings.
• Commitment to promoting inclusivity, knowledge sharing, and collective responsibility throughout all levels of an organisation.