IT Risk and Control (Manager/ Senior Manager LOD 1.5) - Prominent Finance Firm
Pinpoint Asia
- 香港
- 長期
- 全職
- Lead and plan regular independent control assessments to evaluate compliance with applicable regulations, policies, IT standards, and industry best practices.
- Test and evaluate evidence, identify control deficiencies, and proactively propose improvement opportunities to enhance the control environment.
- Monitor and verify the implementation of remediation plans and controls by ITD functions, ensuring the closure of identified risks and issues.
- Prepare comprehensive review reports that effectively communicate issues, root causes, and actionable recommendations to IT management.
- Conduct training sessions to promote IT risk and control awareness and track compliance with established IT policies and standards.
- Facilitate discussions with IT teams to gather control design requirements and guide the resolution of identified control issues.
- Drive the establishment, enhancement, and maintenance of data analytics capabilities to strengthen control review processes.
- Evaluate the functionality of existing and new technology platforms, ensuring alignment with policies and IT standards.
- Collaborate on internal and external technology audits, actively participating in deep dives and testing exercises.
- Collaborate closely with IT teams to define practical remediation measures and document review results accurately.
- Maintain a continuous learning mindset, staying updated on IT risk and control concepts and industry trends.
- Bachelor's degree (or equivalent) in information technology or a related field.
- A minimum of 6-8 years of relevant working experience, preferably in a multinational financial institution or consultancy firm.
- Strong understanding of internal control concepts and the ability to assess and evaluate controls holistically, considering business and technology risks.
- Proven experience in conducting infrastructure, application, or business process reviews.
- Knowledge of NIST Cybersecurity Framework, ITIL, CMMI, ITSM, COBIT, and PMBOK.
- Professional certifications such as CGEIT, CRISC, CISA, and/or CISSP are highly desirable.
- Strong verbal and written communication skills in English, enabling effective participation in discussions, presentations, and report writing.
- Familiarity with distributed technologies, operating systems, and database platforms, along with a solid understanding of related controls.
- Ability to manage multiple tasks concurrently, prioritize effectively, and work independently with minimal supervision.
1) C++ Developer - Global Financial Trading Technology Firm (SYD)
2) Python/C++ Engineer in Data - Prominent Global Financial Market-Making Firm
3) C++ Developer - Global Financial Trading Technology Firm (HK)
eFinancialCareers
很抱歉,此招聘者不接受海外的應徵申請。