Senior Manager, IT Audit

Roles and Responsibilities:
• Help identify key risks at the local level for each entity considering the relevant strategies and business environment.
• Help develop the annual audit plan considering the key risks identified.
• Plan, lead and execute audits within China and evaluate the adequacy of Information System related controls according to established schedule and quality requirements.
• Assist in the preparation of the annual audit plan and schedules and Audit Committee reports.
• Coordinate and co-operate with external auditors to leverage review work done so as to minimise interruption to business units. Partner with financial auditors to assess application IT controls related to key business processes.
• Review or prepare audit reports and lead discussion of issues and remedial action plans with the appropriate levels of management.
• Facilitate issuance of audit reports to management.
• Follow-up outstanding audit issues and monitor timely completion of agreed remedial actions by management.
• Proactively contribute to the development of the team through coaching, training and providing timely feedback to junior staff.
• Assist in evaluating whether the team has adequate human resources, technical expertise and proficiency to cover the annual audit plan.
• Review and co-ordinate the work of the team members and ensure that the working papers, draft audit reports and other deliverables meet internal standards and assignments are completed within budgeted time.
• Assist the Head of China IT Audit in training, mentoring and evaluating staff, and taking corrective actions to address performance issues.
• Liaise with the control community and other members of the company to contribute to the implementation of an effective and efficient system of internal control.
• Develop rapport with business unit management through regular communication of changes in business operations, emerging risks and potential issues, etc.
• Provide professional advice and insights to management to enable informed management decisions.
• Take the initiative in improving self through classroom and on-the-job trainings.
• Perform other responsibilities and duties periodically assigned by the Head of China IT Audit in order to meet operational and/or other requirements.
Minimum Job Requirements:
• University degree in IT or Computer Science (or equivalent)
• Minimum 10 years of IT audit, Information Security or solid technology risk management experience, preferably with regional experience is an advantage, in at least one of the following areas:
• Cybersecurity
• Network Security
• Platform Security (AS/400, Windows, Linux, Unix)
• Database Security (Oracle, MS SQL, Sybase, DB2)
• Mobile Security
• Endpoint Security
• IT Operations
• Software Development Life Cycle
• Threat and Vulnerability Management
• Certificate holder of Certified Information Systems Security Professional (CISSP)/ Certified Information Systems Auditor (CISA)/ Certified Information Security Manager (CISM)
• Strong understanding on IT controls and risks
• Strong understanding of local regulatory requirements
• Deep understanding of emerging information technologies such as AI and cloud computing is preferred
• Prior team management experience is preferred
• Good command of both oral and written English and Chinese
• Experience in presenting audit issues to members of Senior Management / ExCo, Board or Audit Committee is preferred
• Knowledge with audit tools and other software such as data analytic tools and MS Office
• Good team player who is committed to achieve results
• Ability to work under pressure and meet milestones within time, cost and quality constraints
• Strong analytical, written/verbal communication, presentation, interpersonal, and relationship building skills
• Solid problem-solving skills, ability to analyse complex data, identify core issues, investigate, evaluate and reach appropriate conclusions
• Ability to adapt to changes quickly and multi-task
• Willing to travel across China and within the region if necessary