Technology Auditor (Fintech)

TL;DR

Technology Auditor (Fintech): Conducting internal audits for Qian Kun Futures Company Ltd (QKF) in Shenzhen, assessing the firm’s internal control structure, risk management, and compliance with regulatory requirements with an accent on technology and cybersecurity-related areas in China. Focus on identifying risks, assessing mitigating controls, and making recommendations on improving the control environment within the Chinese futures market context.

Location: Must be based in Shenzhen, China

Company

hirify.global is a leading global investment banking, securities and investment management firm.

What you will do

• Support IA management to formulate an audit plan / strategy in consideration of regulatory requirements and legal entity risk assessment in QKF.
• Execute and develop leading role in every step of an audit project including scoping, planning, fieldwork and reporting for both business and technology driven audits.
• Identify risks, assess mitigating controls, and make recommendations on improving the control environment.
• Prepare commercially effective audit conclusions and findings, and present to IA management and management in QKF.
• Be local contact point for regulatory interaction for IA relevant matters.
• Bridging the gap between the local and global audit teams and providing timely updates to the GS Audit Team on the key developments in QKF.

Requirements

• Minimum 4 years of experience in technology auditor or relevant technology development or support or risk management fields.
• Futures professional qualification of China Futures Association or candidate is expected to pass the examination within firm required timeline after employment.
• Strong experience and familiarity with China laws and regulations relating to Technology and Futures Business.
• Excellent written and verbal communication skills in Mandarin. English language skill is highly preferred.
• Job requires frequent interaction with overseas colleagues in virtual video media.

Nice to have

• Relevant degree in Computer Science, Information Security, Engineering or equivalent.
• Relevant certifications or industry accreditations (e.g., CISA, CISM, CISSP etc.).
• Past experience of dealing with the local regulator and understanding of their ask from the various regulations / standards and guidelines will be useful.
• Experience of relevant technology industry standards – ISO 27001, NIST Framework, CFA notices, standards and guidelines etc.

Culture & Benefits

• Committed to fostering and advancing diversity and inclusion in the workplace.
• Training and development opportunities and firmwide networks.
• Benefits, wellness and personal finance offerings and mindfulness programs.