Information Technology Audit Manager

You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can ma

Sun Life Financial, Inc. - Mongkok, Hong Kong - Full time

Salary: Competitive

You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

Job description (heading) / Description du poste (titre)

The Information Technology (IT) Audit Manager is a role within IA that will report to the Head (Data Analytics and Technology), Internal Audit Asia. The incumbent will support the execution of complex technology-related audit engagements and assurance projects in Asia. The role will also support the implementation of audit data analytics, integrated systems auditing, and digital-related reviews in the Internal Audit function, especially as it pertains to automating IT audit activity.

Preferred skills (heading) / Compétences particulières (titre )
  • Combined business and technology experience; risk and controls consulting experience in a Big 4 firm is highly preferred.
  • Technically proficient in internal auditing, governance, risk and controls, data analytics, technology and digital and fully conversant with the COSO framework of internal control.
  • Advanced data literacy and possesses digital dexterity or the ability and desire to exploit existing and emerging technologies for better outcomes. Demonstrates skills in the areas of innovation, adaptability skills, leadership and, stakeholder relationship management, critical and strategic thinking.
  • Demonstrated ability to deal effectively with staff of all levels including functional VPs and AVPs.
  • Demonstrated experience in working with diverse teams and working environments
  • Strong English communication skills (verbal and written), persuasive and articulate
  • Strong project management skills
  • Experience with SL's Risk Management Framework and knowledge of key IT risk processes; broad familiarity with SL's IT process offshoring model and work organization processes.

Qualifications (heading) / Compétences (titre)
  • Bachelor's degree holder in Accountancy, Information Technology, Engineering or related course with an auditing/accounting or IT audit designation (e.g., CPA, CIA, CISA); information security designations (CISSP, CISM) highly preferred.
  • At least 5 years of solid IT auditing and data analytics experience in a client-facing, matrix, project-based organization; typically gained through prior audit, advisory, consulting, or public accounting experience in a "Big Four" firm or other large organization.

Responsibilities (heading) / Responsabilités (titre)
  • Manage audit projects to cover key risks and produce meaningful audit reports that clearly articulate the position on risks and related issues, while meeting Internal Audit's operational targets related to budget, timeline and quality of execution.
  • Understand the company's technology strategy, operations and regulatory environment to proactively identify areas of emerging and heightened risk related to technology that affect the company. Reach agreement with management about the risks affecting technology teams in several Business Units (BU's) in the Asia Business Group; develop risk management objectives and audit programs to evaluate these risks.
  • Assess technology that is new to the company or the market, such as cloud computing, mobile technology, Generative AI and high-performance computing programs, and their related support models to provide assurance that key risks are managed while introducing new capabilities for our customers.
  • Develop testing strategies and report on company initiatives related to systems product delivery, production support maintenance and asset and vulnerability management processes.
  • Develop and implement a strategy to gain ongoing assurance over information services through automated methods. Identify opportunities to automate testing using toolsets deployed internally (CAATs and analytical tools) or through the assessment of other monitoring/analytic tools available on the market.
  • Support assigned technology/data-related components of business unit teams' audits and projects.
  • Positively influence BU management teams on their risk and control decisions to ensure that the organization maintains a strong risk culture and control environment.
  • Act as a subject matter expert in information technology, digital and data analytics.
  • Define and propose changes for information services audit units, maintain record of risks, key activities, systems and processes for sub audit units. Draft and maintain coverage strategy for sub audit units. Provide recommendations and ideas into the development of the IS audit plan.
  • Liaise with Corporate IT Infrastructure Audit team to ensure that key risks and controls are uniformly tested on a risk-informed basis and harmonize audit approach across multiple BU's; participate in development of standardized audit programs for key IT processes and contribute to assurance efforts on key risks across the Sun Life enterprise.
  • Collaborate with BU auditors in ensuring clarity of test procedures and ensuring that deliverables meet expected quality and timeliness requirements. Coach and mentor auditors and help them develop expertise on auditing information technology infrastructure and applications.
  • Perform program / project assurance reviews over key Business Unit technology adoption programs and participate in risk management committees with a view to influencing client engagement and decision-making; provide training and speak at client forums to increase controls awareness and assist clients in establishing controls best-practices.

Job Category:
Internal Audit

Posting End Date:
30/12/2024
22182946
Ad