Share this Job
Apply now »
Job Req Id:  299146
Business Area:  Risk Advisory
Date Posted:  28-Jul-2022
City:  Hong Kong

Title:  Senior Consultant (Fintech Assurance) - IT & Specialized Assurance - Hong Kong

Pursue a Career with Impact

At Deloitte China, we are on a mission to nurture and empower our people to become deep subject matter experts.
We offer the perfect platform to unleash your full potential and equip you to thrive on challenges, and partner with our clients to solve their most complex problems.
A world of opportunities awaits. Start your adventure and journey with us.

About the Business

Risk management covers many areas including security and privacy, reputation and control. Our professionals help clients across many industries flag, analyze, evaluate and manage strategic, technology, operational and fraud risks while discovering opportunities to create value. If you want to make an impact by helping clients to prevent and manage risk-related issues while creating significant value to their businesses this may be your chance to start a remarkable career.

We bring world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. In the digital era, technology innovation and business are inextricably connected to each other. Given the high demand of technology-enabled business, Deloitte professionals help our clients facing the most critical information and technology challenges in their business. Joining our Fintech Assurance Team in Risk Advisory, we are looking for the energetic professionals joining our team for assisting our clients in optimizing the business needs and strategy through technology.


Work you'll do

  • Lead and execute a wide range of risk assurance engagements, including but not limited to:
    • Conduct cybersecurity health check, regulatory compliance review and technical assessment for multinational investment banks, commercial banks, securities firm, insurance company, and multinational corporation in accordance to regulatory requirements (e.g. HKMA, SFC, IA) and industry standards (e.g. ISO 27000 family, NIST Cybersecurity Framework, SWIFT CSCF)
    • Review and provide advice for clients' digital transformations, fintech initiatives, and emerging technology implementation (e.g. artificial intelligence, blockchain, cloud, Internet of things, RPA, zero trust architecture, DevSecOps, etc.)
    • Provide strategic advice and technical implementation roadmap for our clients to enhance cybersecurity governance and operations
    • Perform internal control review/Service Organization Control 2 (SOC 2) audit, mainly for cryptocurrency exchange and custodian
    • Prepare written reports on projects work-done and recommendations, and present such to the project stakeholders/ senior managements of our clients
    • Assist our clients to improve their business/ financial related processes by the adoption of new technologies, tools, solutions and/ or applications
  • Assist in business and team development, including:
    • Develop risk assurance model and approach
    • Conduct research on latest fintech/cybersecurity trend
    • Maintain client relationship and handle potential opportunities
    • Support team members in professional development


A fit for the role? Let's talk about you.

We are looking for someone with:

  • Degree holder in Information Technology, Engineering, Computer Science, Accounting, Business or other related disciplines
  • Minimum of two years' experience in IT audit, technology risk management and/ or other related disciplines
  • Holder of certifications such as CISA, CISM, CISSP, OSCP, OSCE, CEH, GPEN, CIPM, CIPT, CBSP, CIA, CPA, ITIL, ISO 27001 Lead Auditor, CCSP, CCSK, CCAK, Azure/AWS-related certification, and/or other related certifications would be an advantage
  • Solid technical and or security knowledge, including IT governance, technology risk and controls, system and network architecture, IT/security operations
  • Experience and exposure in below areas would be an advantage:
    • regulations and industry standards including HKMA, SFC, IA, ISO 27000 family, NIST Cybersecurity Framework;
    • technical assessment, including penetration testing, vulnerability scanning, source code review, stress test;
    • emerging technologies, including artificial intelligence, blockchain, cloud, Internet of things, Fintech, Regtech, Insurtech, etc;
    • cybersecurity approach/principles, including zero trust architecture, DevSecOps;
    • RPA development, implementation using RPA software such as Uipath, Automation Anywhere, Blue Prism and audit of RPA;
    • ERP and/or cloud based applications over key business processes; or
    • business knowledge of specific industries, e.g. consumer business, real estate, manufacturing, banking, insurance and/ or e-commerce;
  • Accounting knowledge not necessary but will definitely be a plus
  • With good track record of delivering high quality projects
  • Good communication and presentation skills
  • Good command of spoken and written English and Chinese
  • Candidates with less experience will be considered as Analyst

Why Deloitte China?

Join Deloitte China

Deloitte China delivers a comprehensive range of audit & assurance, consulting, financial advisory, risk advisory and tax services to local, multinational and growth enterprise clients in China.

  • We are the world's largest professional services firm and change the world, leading with purpose and shared values
  • We are the undisputed market leader, creating value through multi-disciplinary services and innovative digital solutions, and developing world-class leaders and professionals
  • We have been named a "Top Employer China"  in the Chinese Mainland, Hong Kong & Macau since 2006, providing a “High Value, High Touch, High Tech” talent experience

Start your new chapter with us

Ready to take on new challenges? It's your time to shine. Apply now!

Stay connected for the latest career opportunities

Follow us on WeChat 德勤招聘
Join our group on LinkedIn

Apply now »