CK Hutchison, head office of a diversified group of companies with about 23,000 employees in Hong Kong and an additional 250,000 employees worldwide, invites high calibre and self-motivated individuals to join our organisation.
Assistant Managers / Senior Officers (IT Audit) – Group Management Services Department
The Group Management Services Department has 3 offices, in Hong Kong, UK and USA, and is responsible for the internal audit, information security, investigation and consultancy functions inthe Groups’ operating companies (including telecom, retailing, ports, eCommerce, China trade, pharmacy and manufacturing) around the world.
Due to our departmental expansion and the growing needs on the Corporate Governance compliance and information security risk assurance, we are seeking highly motivated individuals with good business sense to join our Global IT Audit Team.
Based in our Hong Kong office, successful candidates will have 30 - 40% overseas travels (mostly in Europe) to work with colleagues in various business sectors and multi-cultural environments for the following duties:
- Conduct IT audit / technical consultancy assignments (including general IT controls, application reviews, technical and security assessments).
- Participate in financial and operational audits like revenue assurance and data governance, as well as take up ad-hoc projects as assigned (e.g., fraud and forensic investigations).
- Develop and maintain Computer Assisted Auditing Techniques (CAATs) Programs.
- Identify control weaknesses, analyse evidential information and suggest practical recommendations for improvement and mitigating potential risks.
- Undertake cyber and system security healthchecks (e.g., penetration test and vulnerability assessment) and remediation.
- Liaise with clients to formulate action plans and assist in drafting and presenting audit reports to senior management.
- Perform follow-up review for proper implementation of audit recommendations.
- Carry out in-house IT administration tasks (e.g. maintain web-based continuous auditing / risk assessment applications and support Audit Management System configurations).
- Degree holder in Computer Science / Engineering / Information Systems and related fields.
- Pass professional examinations (e.g., CISA, CISSP or equivalent) are preferred.
Experience & Skill:
- 3-5 years’ experience of IT audit, computer programming, consultancy or project management; exposure in the telecommunications, retails and ecommerce industry will be a definite advantage.
- Hands-on experience on using network / application security scanning tools (e.g., Burp, Nessus and Nmap).
- Strong analytical and problem solving skills.
- Independent with analytical mind and risk control sense.
- A good team player with strong analytical and problem solving skills. Good command of English, while Putonghua or additional language skills will be a plus.