Associate - Information Technology Audit

Company Introduction:

We're home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.

HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."

Job Summary:
Group Internal Audit (GIA) supports the HKEX Group in achieving its business objectives, safeguarding its assets and reputation, and raising its control culture awareness through the provision of objective, independent and insightful assurance to the Board and senior management. GIA reports directly to the HKEX Audit Committee and administratively to the Group Chief Executive Officer.

The Associate is responsible for performing high quality IT audits for the Group in accordance with GIA's audit methodology, and supporting and contributing to departmental initiatives. The role reports to the Head of IT Audit.

Job Duties:

Responsibilities:

• Independently conduct risk-based audits. Support the entire audit life cycle through conducting walkthrough meetings, performing control testing and preparing write-up for audit issues and reports.
• Identify and escalate potential audit issues and root causes to the Auditor-in-Charge and GIA management for resolution.
• Contribute to the continuous risk monitoring and assessment of IT / business operations to identify emerging/ high risk areas for coverage. Provide advice and insight to stakeholders to improve the Group's control environment.
• Develop good knowledge of the Group's strategy, products, risk management processes and operating platforms.
• Stay current of the industry development, business and IT trends. Conduct research on industry and risk topics to increase effectiveness of audit coverage and GIA's ability to add value to the Group.
• Validate remediation of audit issues in an effective and timely manner.
• Participate and contribute to departmental initiatives such as continuous improvement of GIA's audit methodology.
• Support the preparation of materials for senior management, Audit Committee and regulators.

Requirements:

• At least 5 years of experience in internal or external audit, risk management, compliance, cybersecurity, preferably with professional firms or financial institutions. Other relevant expertise will also be considered.
• A university graduate of relevant disciplines (e.g. Accounting, Finance, Business Administration, Technology, etc.)
• Possess at least one relevant professional qualification such as CPA, CIA, CFA, FRM, CISA, CISM, CISSP, CEH, CCSP / CCAK, CSX-P or other security related qualifications.
• Good understanding of industry cybersecurity standards such as National Institute of Standards and Technology (NIST) Cybersecurity Framework, ISO 27001, CIS, etc.
• Good understanding of the underlying IT risks, application controls, assessment practices and various IT security software, operating systems, databases, telecommunication, networking technologies and emerging technology risks (AI, blockchain, cloud).
• Team-oriented with a strong sense of ownership and individual accountability.
• Independent and motivated with the ability to multi-task and remain organized.
• Demonstrate agility and the ability to operate in a fast-changing environment.
• Demonstrate effective communication by clearly articulating audit findings to stakeholders.
• Experience in leveraging data and technology an advantage.

HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.

Location:
HKEX - Exchange Square

Shift:
Standard - 40 Hours (Hong Kong SAR)

Scheduled Weekly Hours:
40

Worker Type:
Permanent