Senior Technical Manager - Audit Issues Oversight & Remediation Governance

The Job

You will:

1. Audit Issue Assessment

• Review audit reports and findings to understand the root causes of issues
• Review audit reports (internal and external) to identify control gaps, compliance issues, and operational inefficiencies
• Conduct root cause analysis to determine the underlying reasons for audit findings

2. Remediation Review

• Review detailed action plans to address audit findings, including specific steps, timelines, and responsible parties
• Ensure remediation plans align with organizational policies, regulatory requirements, and industry best practices

3. Tracking and Monitoring Remediation Progress

• Maintain a centralized system (e.g., audit issue log, GRC tool) to track the status of audit findings and remediation activities
• Monitor progress against remediation timelines and escalate delays or roadblocks to senior management
• Conduct follow-up reviews to verify that remediation actions have been effectively implemented

4. Reporting and Communication

• Prepare regular status reports Provide clear and concise updates on unresolved issues and potential risks

5. Documentation and Record-Keeping

• Document test results, findings, and recommendations
• Prepare detailed reports for management and stakeholders
• Maintain comprehensive documentation of audit findings, remediation plans, control testing activities and progress updates
• Ensure that all records are accurate, up-to-date, and readily accessible for audits or regulatory reviews

About You

You should have:

• Bachelor's Degree (preferred) in relevant risk management disciplines (e.g., Operational Risk management within an IT department or organisation, Information Security, IT Risk Management)
• Professional risk management certification (e.g., ISO 31000) and /or industry body affiliation is an advantage
• Experienced seasoned professionai with deep expertise in developing and running an Operational Risk Management function within an IT Division or organisation
• Proven track record in leading a risk function in a Technology environment
• 10+ years of experience in enacting the first line of defence IT operational risk role and responsibilities

Technical Skills

• Capable of understanding the Club's unique nature and culture in terms of Risk Management
• Capable of assessing and quantifying technology and operational risks, assessing mitigation measures and providing practical recommendations on risk mitigation controls when needed
• Understand industry best practices and trends on IT standards, governance, risk, and internal control
• Proficient in managing audit issues remediation
• Proficient in delivering technology and/or operational risk management frameworks from inception
• Knowledge of enterprise architecture, service management, asset management, change management and systems migration
• A good understanding of business and product knowledge of the Club and the business strategies, priorities, risks and controls in his/her core or functional area of responsibility
• Technically astute and excellent analytical and decision-making ability
• Excellent communication and report-writing skills in English
• High influencing and communication skills
• High professional and ethical standards
• Strong leadership, with excellent people and relationship management skills
• Manage/handle multiple tasks, and work under pressure and with conflicting priorities
• Proactive with high levels of initiative

Terms of Employment

The level of appointment will be commensurate with qualification and experience.

Enquiries

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.