FSO - Assurance - Audit - Technology Risk - Senior / Staff Accountant - Hong Kong

FSO - Assurance - Audit - Technology Risk - Senior / Staff Accountant - Hong Kong

Technology compliance, licensing, governance setup, massive data storage and related privacy security, virtual asset management, and resilience of the business require rigorous technology risk measures to safeguard the crown jewels and comply with regulatory requirements. As a technology risk specialist, you will guide clients to manage technology risks, comply with regulatory requirements and strengthen cybersecurity postures. At EY, you will belong to an international connected team of specialists helping clients with their most complex information security needs and contributing toward their business resilience. You will apply your technical skills to support businesses to identify and manage risks while enhancing their agility.

Your key responsibilities

The technology risk team focuses on providing clients with consulting services which include :

Conduct technology compliance review for institutions in the banking, wealth and asset management and insurance sectors licensed under Hong Kong, the Greater Bay Area and other regions

Analyze IT environment, identify risks and evaluate controls, including cloud security aspects in accordance with regulatory requirements and industry standards and best practice

Act as an enabler to help clients with their compliance needs, especially under controls and requirements from the local and regional regulators

Act as a licensing advisor to support clients on their financial activity licensing journey from the technology risk perspective in cooperation with other EY teams

Assess and implement information security management frameworks based on well-known industry standards (, ISO, NIST, COBIT, SANS)

Assist clients in building a holistic governance and incident management framework to effectively respond to and recover from cyber incidents

Assess and advise on managing risk from emerging technologies such as blockchain, virtual assets, artificial intelligence, machine learning and big data

Develop and review information security strategy plans in alignment with business requirements using risk-based approach

Perform information security awareness training and training program development for clients

Conduct vulnerability scanning, penetration test and cyber-attack simulation to assess and improve the effectiveness of controls in place

Manage client expectations and program implementation plans attending to stakeholders’ needs using project management principles

Keep up-to-date with the latest security trends and privacy laws that could have an impact on clients

Provide IT risk assurance service to clients by quality, independent audits of financial systems to maintain the integrity of the financial information

Contribute to the development of the technology risk team acting as a mentor and coach to the junior members of the team and leading by example

Work effectively as a team member, sharing responsibility, providing support and maintaining communication

Assist senior members of the team in the project management of client engagements

Contribute to the creation of proposals and go-to-market materials

Qualifications

Bachelor’s degree or masters’ degree preferably in one of the following areas : Information Security, Business Management, Information Systems, Computer Science, Engineering, and other related majors

2-5 years of relevant working experience, with hands-on experience in key components of the above-mentioned areas. Applicants with less experience or university graduates will be considered for junior position

Possession of the following certifications (including but not limited to) : CISA, CISM, CISSP

Working toward the following technical certifications (including but not limited to) : CRTP, CRTE, OSCP, GPEN, GXPN, Cloud-related certifications

Good computer skills in Word, Excel, PowerPoint, Visio and Chinese processing

Knowledge of SQL, Python or other programing languages would be considered as an advantage

Excellent written and spoken English and Chinese. Fluency in Mandarin is an advantage

What we look for

As a highly motivated individual and a good communicator, you will need to convey technical content in business language with senior management. You will also need to be a team player who is not only looking to enhance career growth, but also recognizes the value of developing others and strengthening the team.

What working at EY offers

We offer a competitive compensation package where you will be rewarded based on your performance and recognized for the value you bring to the business. We also offer :

Support, coaching and feedback from some of the most engaging colleagues around

Opportunities to develop new skills and progress your career

The freedom and flexibility to handle your role in a way that is right for you