Senior Manager - Internal Audit (IS&T)

Position Summary

The Internal Audit Department is responsible for providing independent and objective evaluation of the adequacy and effectiveness of the risk management and internal controls system in various areas and functions of the Group and making relevant recommendations for improvement.

This position allows you to gain exposure to different activities within GEG.  Reporting to the Audit Committee, the Internal Audit Department is responsible for providing reasonable assurance in addressing at various types of risk across the Group.

Primary Responsibility

• Develop IT annual audit plan for the Group based on the audit risk assessment results, audit strategies and Enterprise Risk Register
• Work closely with relevant risk management teams in developing, assessing and maintaining IT audit risk profile and universe at Group level
• Conduct and/ or lead IT audits in an integrated approach, with a focus on IT governance, infrastructure, database and application systems, as well as perform ad hoc reviews or investigations on different areas to determine the adequacy and effectiveness of risk management and internal controls system in addition to regulatory compliance measures
• Facilitate audit with necessary IT-related support and conduct audits on IT-related areas on other internal audit assignments
• Follow-up closely with IS&T in all open IS&T findings for timely remediation or compensating controls meanwhile to reduce immediate risks and threats.
• Enhance audit process proficiency and effectiveness through implementing audit standards, methodologies and techniques, and providing a supporting IT environment
• Continuously improve application systems data acquisition automation process for operation audits and management reporting; maintain a secure data sharing platform within IA department
• Prepare and/ or review audit reports, discuss audit findings and observations with management
• Prepare executive summaries and reports to highlight key audit matters for senior management
• Assist in developing and/ or updating corporate audit strategies, policies and procedures
• Involve in early stages of major IS&T system projects for better understanding in newly adopted technology and scoping for future audits
• Provide coaching and be a mentor to junior members, lead talents development program of the department
• Develop in-depth knowledge of relevant technology and cybersecurity areas, its products and control functions
• Stay current with regulatory requirements, industry and business environment

Requirements

• Degree holder or above in IT, Computer Science, or related disciplines
• Minimum 8 years of experience in IT audit from Big 4, or an internal audit role within the Gaming industry or related control function with at least 4 years in supervisory positions
• Relevant professional qualification (e.g. CISA, CISM, CISSP, Network+, CCNP, CCIE) is a must
• Great understanding and sound knowledge of regulatory requirements
• Comprehensive understanding and in-depth knowledge of network security
• Solid understanding of IT general controls, application controls, computer assisted audit techniques (CAATs)/ data analytics, assessment practices and various IT security software, operating systems, databases, networking technologies and knowledge of emerging cybersecurity risks 
• In-depth knowledge of applicable auditing standards and control frameworks such as COBIT and COSO
• Strong leadership, project management, interpersonal, analytical and presentation skills
• Team-oriented with a strong sense of ownership and accountability
• Highly motivated with the ability to multi-task and remain organized
• Excellent written and verbal communication skills in English and Chinese
• Candidate with less experience will be considered as Internal Audit Manager