Senior Associate / Manager - IT, Internal Audit / Risk Advisory

Why join us

You don’t join Mazars by coincidence, you choose Mazars: a global school of excellence where you will be challenged to develop and grow. Progression is tied to education, empowering you to match your career to your aspirations both within and outside our firm. We expect your contribution to what Mazars and our clients do next and reward your ingenuity. Come and write the rest of (y)our story with us – you’ll make friends along the way too. Mazars, the smart choice.

Technological change and deep transformations present new and unknown risks, but also new opportunities to create value. In today’s volatile and ever more complex business environment, companies need to have confidence in their governance, risk management and internal control processes. Join Mazars’ IT Audit/Risk Advisory team in building the resilience our clients need to protect their long-term performance.

What you can expect for IT Senior Associate role

• Assist in planning activities, development of audit program, and execution of IT-related risk assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, GITCs and application controls, and regulatory/compliance requirements
• Conduct IT audit over general/ application controls, network security, cybersecurity, blockchain platform operations, and apply Computer Assisted Auditing Technique ("CAAT") for data verification, cyber hacking incident investigation
• Obtain good understanding of IT infrastructure, programs, networks and database, IT security, identify areas of improvement and make recommendations
• Work with client management team to assist in implementation of new processes and controls to address key risks, as necessary
• Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard Mazars and industry-accepted methodologies
• Assist in kickoff, status, and closing meetings with engagement team and client and contribute to technology risk knowledge base and internal practice development initiatives
• Plan and execute IT-related audit engagements and risk assessments with a focus on strategic, operational and regulatory/compliance related risks

What you can expect for IT Manager role

• Design and execute the day-to-day activities of IT-related audits and risk assessments, with a focus on strategic, operational and regulatory / compliance related risks
• Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory / compliance requirements
• Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and senior management of clients
• Assist with proposal development, project scoping, delivery risk management and the initial review of deliverables
• Identify business opportunities and work with wider team to generate growth
• Contribute to technology risk knowledge base and internal practice development initiatives
• Supervise and provide performance management for junior / senior staff working on assigned engagements
• Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects
• Lead proposal and business development activities by building propositions, identifying of new target clients, building business relationships with key executives, developing/presenting proposals, and assisting with client presentations
• Engagement management including the managing of scoping, delivery risk management and the review of deliverables

Who are we looking for (IT Senior Associate)

• Minimum of 3 years of experience working within an internal audit, IT risk or IT compliance function as an internal employee or as part of a professional services firm
• Degree holder major in IT, preferably computer science, computer and information security, cybersecurity or related disciplines
• Qualified professionals (CPA / ACCA / CIA / CISA etc.) with around 3 - 5 years of external audit / risk assessment / internal control review experience
• Exposure in conducting risk assessment and system-based internal control reviews over listed companies
• Good written presentation skills in both English and Chinese essential
• Fluency in spoken English, Cantonese and Putonghua is a must
• Willing to travel (more than 50%) and ability to work diligently under pressure

Who are we looking for (IT Manager)

• A minimum of 6 years of experience working within an internal audit, IT risk or IT compliance function as an internal employee or as part of a professional services firm
• Bachelor’s/Master’s degree in an appropriate field from an accredited college/university
• Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL
• CISA, PMP, CISSP, CGEIT or CRISC certification is preferred
• Experience in business analysis and understanding of core business processes within industry sectors
• Experience with IT Risk Management and three lines of defense frameworks
• Excellent reporting and presentation skills
• Ability to deliver work within tight timelines, on budget and at a high level of quality
• Strong teamwork ability and able to work independently
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese) and exceptional interpersonal skills; able to gain the confidence and respect of senior level staff
• Willing to travel (more than 50%) and ability to work diligently under pressure

What we offer

We recognise that rewards are important to you. On top of the base salary you will be receiving, we offer a range of staff caring benefits and policies including medical and dental insurance, life insurance, a 5-day working week, discretionary performance bonus, birthday leave and marriage leave. Please apply with detailed resume, grade you are applying, contact numbers, current salary and expected salary in strict confidence.