IT Audit Manager (Asia)

My reputable client, a HK listed company is expanding their IT audit team. If you are keen to know more, please get in touch!

About the responsibilities:

• Lead and organize ISO 27001 audits for various Asia offices with external audit firm to obtain and renew the certificates.
• Organize internal audits in various Asia offices to meet with ISO 27001 standard and enhance the information security awareness and practices in the offices.
• Prepare audit reports and provide recommendations.
• Manage the vulnerability risks with internal technical expertise, vendors and users to solve the vulnerability risks.
• Lead and manage at regional level all information security initiatives. Work with global counterpart to ensure the implementations are successful at regional level.
• Reporting on control deficiencies to management and making recommendation to mitigate risk and add values.
• Engaging remediation of identified issues through follow-up with internal and external providers.
• Demonstrate good practices for identifying and reducing information security risks.
• Support the business by reviewing and responding to client’s security questionnaire if required.
• Organising and managing Information Security Group meetings, ensuring that the Group operates according to its terms of reference and that actions are completed.
• Maintaining the information security risk register.

About the requirements:

• Bachelor’s degree in a technical/Computer Science field and/or equivalent work experience.
• Minimum of 7 years of experience in a similar role in IT auditin
• Experience or knowledge in ISO 27001, IT vulnerability risk management, Cyber security would be an advantage
• Professional certification (CIA, CISA or equivalent) is preferred but not mandatory.
• Excellent communication skills, verbal and written in English, Cantonese, and Putonghua