Responsibilities:

• Lead the planning and execution of risk-based operational audits of business processes with an IT focus, ensuring timely completion.
• Identify technology-related risks and assess the effectiveness of IT controls.
• Evaluate system configurations, access controls, change management, and disaster recovery procedures.
• Work closely with IT, cybersecurity, compliance, and business units to understand systems and risks
• Prepare clear, concise audit reports with actionable recommendations
• Enhance audit documentation and leverage data analytics in audit projects.
• Promote continuous improvement and professional development within the audit team.

Requirements:

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.
• Professional certification (e.g., CISA, CISM, CISSP, CPA, CIA) is strongly preferred.
• Minimum 6–8 years of operational and IT audit with listed companies, multinational corporations, or professional services firms (preferably Big Four).
• Experience in reviewing internal controls and operational efficiency for core business processes (sales, procurement, finance, HR, etc.) is highly preferred.
• Strong understanding of IT frameworks (e.g., COBIT, NIST, ISO 27001), cybersecurity principles, and regulatory compliance (e.g., SOX, GDPR).
• Excellent analytical, communication, and project management skills.
• Self-motivated, able to work independently and lead audit engagements from start to finish.
• Good communication and interpersonal skills, with the ability to interact with various levels of management
• Experience with data analytics and ERP systems is a plus.
• Fluency in English, Cantonese, and Mandarin, with strong professional writing skills in English.
• Frequent travel to PRC factories and occasional travel to overseas offices in Europe and North America are required.
• Candidates with less experience will be considered for the position of Assistant Internal Audit Manager.