IT Audit and Compliance Manager
Job Description
Work location: Tai Po (onsite free parking)
Roles & Responsibilities
● Oversee the ISMS program & risk management process for IT
● Conduct and drive regular risk assessments as per compliance requirements
● Take charge of the adoption of the TISAX program for the whole JE organization and oversee the entire program
● Participate in internal and external audits with external auditors and customers
● Communicate security policies, standards, controls and posture to customers and stakeholders
● Participate in disaster recovery and business continuity planning (BCP) activities yearly with appropriate stakeholders
● Prepare reports, business cases, and presentations on security risk, controls, the status of compliance efforts, etc.
● Act as liaison between IT and other functions (e.g., legal) regarding information security events or incidents
● Evaluate new or updated industry regulations to ensure continued compliance
Requirements
● A bachelor’s degree in information security, computer science, or related field
● 5+ years of compliance management experience
● Certifications: ISO27001 auditor and CISA
● Well-versed in industry regulations and can translate complex security concepts into layman’s terms
● Must be able to effectively communicate with all levels of management
● Strong interpersonal skills and ability to influence others
● Thorough knowledge of information security and compliance concepts
● Working knowledge of industry-leading information security tools and technologies
● Possess strong analytical and problem-solving skills
● Well-versed in security controls, with an understanding of the underlying technical concepts
● Ability to work independently and manage multiple priorities simultaneously
● Ability to make problem-solving decisions under pressure
● Positive attitude and strong commitment to the delivery of quality work
● Good command of written and spoken English, Putonghua and Cantonese
● Possess strong experience in cloud auditing methods and techniques
● Able to work with overseas colleagues and drive results
● Ability to work outside of normal office hours in a multi-regional environment (e.g., Americas/Europe/Canada) regularly
Preferred qualifications
● In-depth knowledge of at least two major regulatory frameworks (e.g., TISAX VDA ISA 5/6 & ISO 27001:2022)
● Certifications in information security or compliance (ISO 27001 lead auditor, CISSP, CISM, CRISC, CISA etc.)
The information provided will be treated in strict confidence and be used only for consideration of your application for relevant / similar posts within the Group/ Company.
Job Function | |
Work Location | Tai Po |
Education | Degree |
Skills | Interpersonal skills |
Spoken Language | Intermediate Cantonese / Intermediate English / Intermediate Mandarin |
Written Language | Intermediate Chinese / Intermediate English |
Employment Type | Full Time |
Industry | Manufacturing |
The Johnson Electric Group is a global leader in electric motors, actuators, motion subsystems and related electro-mechanical components. It serves a broad range of industries, including Automotive, Smart Metering, Medical Devices, Business Equipment, Home Automation, Ventilation, White Goods, Power Tools, and Lawn & Garden Equipment. The Group is headquartered in Hong Kong and employs over 35,000 individuals in 22 countries worldwide. Johnson Electric Holdings Limited is listed on The Stock Exchange of Hong Kong Limited (Stock Code: 179).