• IT audit & legislation (Sarbanes-Oxley, PIPEDA, etc.)
  • SOX Audit or Business Continuity Planning
  • Regional role - IT process and IT risks (support RCSA)

Our client, an insurance company, is now looking for an Information Risk Management - Security Consultant to join their team.

 

JOB DESCRIPTION:

This role provides leadership in representing the business unit's IS audit/SOX activities, security reviews, disaster recovery, business continuity, and records management. In addition, the role is responsible for overall business unit education on audit and compliance requirements and for providing management reporting.

 

Individual Responsibilities

  • Take the lead role on behalf of the business unit in annual SOX, Key Risk Audits (KRAs), and Internal and External audits
  • Draft responses and ensure Senior Management's approval is acquired on all audits (e.g. SOX, s5970, OSFI, Key/Specific Risk Audits)
  • Provide direction as subject matter expert to IS team members as it relates to the business unit's compliance obligations
  • Conduct internal reviews for all projects and consult with Project Managers to ensure controls are in place to meet the audit governance process, and escalate any significant issues
  • Ensure project and support teams, Senior Management, and business staff address any IS-related deficiencies that may be identified by an audit
  • Establish and oversee department procedures, documentation, and training to align with records management policies
  • Act as BCP Coordinator for the IS department
  • Provide leadership in reviewing, updating, signing off, and leading exercises related to Business Continuity Plans
  • Establish and develop business unit risk management tools and practices
  • Collaborate on Divisional and Global IS Risk Management initiatives
  • Provide education to IS teams regarding risk management requirements
  • Keep corporate audit databases up to date with statuses, issues, remediation plans, etc.
  • Proactively monitor information from various internal sources and take corrective actions on IS risks
  • Investigate risk-related interconnections and impacts to other areas
  • Maintain strong relationships within the Business, Audit Teams, Corporate IS, and other global risk management teams
  • Contribute to geographically and culturally diverse cross-functional teams
  • Ensure adherence to quality standards and Global IS Information Security Risk standards

 

Job Requirements:

  • Highly analytical with strong organizational and problem-solving skills
  • Strong communication and relationship management skills with the ability to work with people at various levels throughout the organization
  • Excellent negotiation and conflict skills with the ability to challenge and drive to an appropriate level of risk mitigation
  • Excellent written and verbal communication skills
  • Effective interviewing, influencing, facilitation and presentation skills
  • Proven ability to work independently and in a team environment
  • Ability to work with multiple objectives and conflicting priorities
  • Knowledge of MLI Business unit procedures, supporting application systems and base infrastructure platforms
  • Excellent ability to lead various teams in adapting new processes to facilitate the audit process and/or fulfilling our BCP requirements
  • SOX Audit or Business Continuity Planning experience
  • Strong knowledge of relevant legislation (Sarbanes-Oxley, PIPEDA, etc.)
  • Strong knowledge of risk-related implications in application development and project management methodologies

 

WFH Policy: 3 days in the office, 2 days WFH.

 



Interested parties, please email an MS Word version of your resume and your expected salary to aston.yeung@manpowergrc.hk and quote the job reference no.





Type: Contract

Category: I.T & T - IT Security, Audit, Storage & Quality

Reference ID: 507-041225-AY

Date Posted: 04/12/2025
