• Assist to plan and conduct independent reviews based on defined methodology, IT standards and/or industry good practice with minimal supervision • Assess adequacy and effectiveness of ITD's internal controls, and properly document the assessment/review procedures performed • Prepare review reports, articulate and present any issues, root causes and recommended actions to management • Design and implement continuous monitoring controls using automated or data analytics tools • Coordinate with other IT teams to address control weaknesses, including design and implement new controls to address known issues • Proactively track, follow-up and report implementation status of issue remediation and risk mitigation • Revise/update IT procedures, and maintain IT standard library and IT registers • Conduct training to improve awareness of control requirements stated in IT standards, and/or any industry good practices • Work closely with Risk, Compliance and Internal Audit for risk mitigation and control improvements
• University graduate in information technology, information security or related disciplines • Minimum 4 years of relevant experience in technology risk, technology compliance, cybersecurity, or technology audit gained from financial institutions, or from IT consultancy firms • Holder of relevant professional certificates, such as, CISA, CISSP, CRISC, CGEIT is preferred • Good knowledge of NIST Cybersecurity Framework, ITIL, CMMI, ITSM, COBIT, PMBOK, SDLC, and/or key IT processes • Practical experience in IT control assessment/auditing, technology risk management, business & system processes review • Experience in designing and implementing new controls to mitigate identified risks • Working knowledge of controls verification using data analytics • Experience in reviewing and revising IT procedures • Self-initiated and be able to manage multi-assignments in a dynamic working environment • Strong problem solving, analytical and presentation skills • Excellent communications skills and advanced reporting writing skill in English and Chinese • Work experience in Big 4 audit firm or a consultancy firm is an advantage
HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives abilities, culture and experiences within our workplace.
Hong Kong Exchanges and Clearing Limited (HKEX) is one of the world's major exchange groups, and operates a range of equity, commodity, fixed income and currency markets. HKEX is the world's leading IPO market and as Hong Kong's only securities and derivatives exchange and sole operator of its clearing houses, it is uniquely placed to offer regional and international investors access to Asia's most vibrant markets.
As the global markets leader in the Asian time-zone, we offer a world of opportunities for early careers and experienced hires. Here, we know that diverse thinking fosters better solutions, and we are committed to building an open and dynamic environment which allows our business to innovate and our people to thrive.
Discover the latest career opportunities and programmes at HKEX.
HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.