Resources Global Professionals (RGP) IT Auditor in Hong Kong, Hong Kong
Make a Difference in Your Professional Career!
To support RGP's continuous growth, we have immediate openings in our Hong Kong practice for seasoned IT professionals who are passionate in business consulting, innovative, result-driven, and people-oriented.
Confirm key stakeholders, roles and responsibilities
Understand critical business processes (e.g. online trading and settlement processes, order execution, and pricing, etc.) and environment in order to provide the proper business risk context for conducting review
Schedule meetings to understand the current processes, controls and assessment findings relating to the in-scope process
Review all relevant documentation and artifacts which may include: Existing policies & procedures, guidelines, risk assessment and internal control review
Discuss results with assignment stakeholder and present report to management team
Discuss with the key stakeholders on the proposed changes and action plans
Report on gap analysis, improvement recommendations
Benchmark International Standards, such as Risk IT (ISACA), ISO27001, COBIT, CDP etc., when conducting the following assessments:
Risk assessment for Application/Infrastructure systems
Cryptographic and key management Solution
Application privileged account and user access management
Data security management, access control and monitoring
OS vulnerability, patch management and security configuration
Network device security parameters settings
Data Loss Protection
University graduate in Management Information Systems, Computer Science, Computer Engineering, Accounting or related disciplines
CISA certification is required
CISSP, CIPP or CIA qualified is preferred
3 to 8 years directly related experience in IT audit and/or IT consulting, either in a Big 4, management consultancy firm and/or sizable financial institution
Solid project experiences in:
Reviewing client’s organization structure, department functions, management roles and responsibilities, especially in financial institutions
Identifying high level processes (reference to framework in similar Financial Services industry) and performing a technology risk review to identify the missing parts, inefficiencies, or inaccuracy.
Reviewing and assessing technology risk based on key business process
Performing gap analysis (findings vs. target), identify improvement recommendations
Strong interpersonal, influential and communication skills are required
Ability to plan, organize and lead the completion of audit projects
Fluency in English and Chinese
Our Consultants enjoy the flexibility and autonomy to choose the client projects that interest them, while continuing to build professional relationships within our global community of Consultant and business professionals.