FSO - Assurance - Audit - Technology Risk - Senior/Staff Accountant - Hong Kong Technology compliance, licensing, governance setup, massive data storage and related privacy security, virtual asset management, and resilience of the business require rigorous technology risk measures to safeguard the crown jewels and comply with regulatory requirements. As a technology risk specialist, you will guide clients to manage technology risks, comply with regulatory requirements and strengthen cybersecurity postures. At EY, you will belong to an international connected team of specialists helping clients with their most complex information security needs and contributing toward their business resilience. You will apply your technical skills to support businesses to identify and manage risks while enhancing their agility.   Your key responsibilities   The technology risk team focuses on providing clients with consulting services which include:   Conduct technology compliance review for institutions in the banking, wealth and asset management and insurance sectors licensed under Hong Kong, the Greater Bay Area and other regions Analyze IT environment, identify risks and evaluate controls, including cloud security aspects in accordance with regulatory requirements and industry standards and best practice    Act as an enabler to help clients with their compliance needs, especially under controls and requirements from the local and regional regulators   Act as a licensing advisor to support clients on their financial activity licensing journey from the technology risk perspective in cooperation with other EY teams   Assess and implement information security management frameworks based on well-known industry standards (e.g., ISO, NIST, COBIT, SANS)   Assist clients in building a holistic governance and incident management framework to effectively respond to and recover from cyber incidents   Assess and advise on managing risk from emerging technologies such as blockchain, virtual assets, artificial intelligence, machine learning and big data   Develop and review information security strategy plans in alignment with business requirements using risk-based approach   Perform information security awareness training and training program development for clients   Conduct vulnerability scanning, penetration test and cyber-attack simulation to assess and improve the effectiveness of controls in place   Manage client expectations and program implementation plans attending to stakeholders’ needs using project management principles   Keep up-to-date with the latest security trends and privacy laws that could have an impact on clients   Provide IT risk assurance service to clients by quality, independent audits of financial systems to maintain the integrity of the financial information Contribute to the development of the technology risk team acting as a mentor and coach to the junior members of the team and leading by example    Work effectively as a team member, sharing responsibility, providing support and maintaining communication Assist senior members of the team in the project management of client engagements   Contribute to the creation of proposals and go-to-market materials   Qualifications   Bachelor’s degree or masters’ degree preferably in one of the following areas: Information Security, Business Management, Information Systems, Computer Science, Engineering, and other related majors    2-5 years of relevant working experience, with hands-on experience in key components of the above-mentioned areas. Applicants with less experience or university graduates will be considered for junior position Possession of the following certifications (including but not limited to): CISA, CISM, CISSP Working toward the following technical certifications (including but not limited to): CRTP, CRTE, OSCP, GPEN, GXPN, Cloud-related certifications Good computer skills in Word, Excel, PowerPoint, Visio and Chinese processing Knowledge of SQL, Python or other programing languages would be considered as an advantage Excellent written and spoken English and Chinese. Fluency in Mandarin is an advantage   What we look for As a highly motivated individual and a good communicator, you will need to convey technical content in business language with senior management. You will also need to be a team player who is not only looking to enhance career growth, but also recognizes the value of developing others and strengthening the team.   What working at EY offers We offer a competitive compensation package where you will be rewarded based on your performance and recognized for the value you bring to the business. We also offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that is right for you   If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.