Resources Global Professionals (RGP) IT Auditor in Hong Kong, Hong Kong

Make a Difference in Your Professional Career!

To support RGP's continuous growth, we have immediate openings in our Hong Kong practice for seasoned IT professionals who are passionate in business consulting, innovative, result-driven, and people-oriented.

Responsibilities

  • Confirm key stakeholders, roles and responsibilities

  • Understand critical business processes (e.g. online trading and settlement processes, order execution, and pricing, etc.) and environment in order to provide the proper business risk context for conducting review

  • Schedule meetings to understand the current processes, controls and assessment findings relating to the in-scope process

  • Review all relevant documentation and artifacts which may include: Existing policies & procedures, guidelines, risk assessment and internal control review

  • Discuss results with assignment stakeholder and present report to management team

  • Discuss with the key stakeholders on the proposed changes and action plans

  • Report on gap analysis, improvement recommendations

  • Benchmark International Standards, such as Risk IT (ISACA), ISO27001, COBIT, CDP etc., when conducting the following assessments:

  • Risk assessment for Application/Infrastructure systems

  • Cryptographic and key management Solution

  • Application privileged account and user access management

  • Data security management, access control and monitoring

  • OS vulnerability, patch management and security configuration

  • Network device security parameters settings

  • Data Loss Protection

Requirements

  • University graduate in Management Information Systems, Computer Science, Computer Engineering, Accounting or related disciplines

  • CISA certification is required

  • CISSP, CIPP or CIA qualified is preferred

  • 3 to 8 years directly related experience in IT audit and/or IT consulting, either in a Big 4, management consultancy firm and/or sizable financial institution

  • Solid project experiences in:

  • Reviewing client’s organization structure, department functions, management roles and responsibilities, especially in financial institutions

  • Identifying high level processes (reference to framework in similar Financial Services industry) and performing a technology risk review to identify the missing parts, inefficiencies, or inaccuracy.

  • Reviewing and assessing technology risk based on key business process

  • Performing gap analysis (findings vs. target), identify improvement recommendations

  • Strong interpersonal, influential and communication skills are required

  • Ability to plan, organize and lead the completion of audit projects

  • Fluency in English and Chinese

Our Consultants enjoy the flexibility and autonomy to choose the client projects that interest them, while continuing to build professional relationships within our global community of Consultant and business professionals.