Technology Audit and Regulatory Governance Manager

About Mox
Mox is built by and for the ones who aspire to live life to the fullest - we call them Generation Mox!
The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration... it's all up for us to define together.
Why Mox
Mox helps you grow - your money, your world, your possibilities. We equip you with the financial management tools, information and insights you need to make your dreams, big or small, come true.
Everything at Mox - from our products, features, to rewards - is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox.
Mox rewards you with an array of banking and lifestyle benefits. Who says banking can't be fun?

Who are we looking for
As the Technology Audit and Regulatory Governance Manager, you will be reporting to the Head of TechOps, managing the first-line control environment and accountable for coordinating and responding to internal and external audit and regulatory enquiries on behalf of the Technology Team. You will be working closely with various internal stakeholders and external parties in this high-profile role.
As Mox continues to grow, you will help to drive maturity the Technology Team's controls and governance posture, utilising your experience and skills to streamline processes and deliver proactive enhancements.

Responsibilities

• Act as the single point of contact (SPOC) for Mox's technology team for internal and external audits and regulatory activities.
• Work closely with internal compliance teams and external assessors to ensure a thorough understanding of the requirements so that a comprehensive response can be formulated.
• Ensure that all audit and regulatory enquiries are systematically disseminated to the enquiry and determine the deliverables required for a structured response.
• Work closely with the various teams within technology to ensure that audit and regulatory deliverables are tracked, and timelines are strictly adhered to.
• Ensure senior management is kept informed of progress and any escalations are made in a timely manner with appropriate recommendations.
• Ensure standardisation of audit and regulatory responses by reviewing and amending responses where needed to ensure requirements have been addressed.
• Where necessary, request clarification of audit and regulatory requests so that requirements are clearly defined and understood.
• Manage a centralised database for all controls information, ensuring requests and subsequent responses have been recorded, minimising any duplication or resubmissions.
• Assist in maintaining the technology team's controls documentation. Make recommendations for improvement and ensure processes and procedures are reviewed and updated periodically.
• Administer and maintain a suitable controls framework that is aligned with industry practices (HKMA & SFC).
• Drive improvements to the technology team's controls posture by addressing gaps identified through self-testing.
• Perform regular assessments of the technology risk landscape, including self-identifying risks and proactively reporting these to the Risk Team (2LoD).
• Develop metrics and relevant KRIs/KPIs for the technology leadership team.

Requirements

• Bachelor's degree in accounting, finance, business or legal studies.
• CPA, CIA, HKICPA or other relevant qualification is an advantage.
• Professional audit certification such as CISA or other ISACA / Cloud Security qualification is required.
• At minimum, 5 years' experience in IT domains which key focus on IT audit / regulatory management, focusing on the area of auditing cybersecurity in a cloud environment.
• Experience with ICS and technology regulations (preferably HKMA and SFC).
• Familiarity with the three lines of defence risk model.
• Strong communication and collaboration skills to develop a strong network across a matrix environment.
• Ability to develop detailed action plans. Co-ordinate own/others' time, resources, workload.
• Ability and curiosity to analyse issues from different perspectives, recommend new, creative ways to solve problems.
• Exceptional organisation and multitasking skills with the ability to produce quality outcomes under pressure.
• Ability to focus on what is important and the ability to influence others to do the same.
• A detail oriented and perfectionist personality.
• Exceptunal spoken and written English a must.