Senior Information System Auditor

Permanent contract|Hong Kong|Audit / Control / Quality

Senior Information System Auditor

  • Hong Kong, Hong Kong
  • Permanent contract
  • Audit / Control / Quality


The role covers SG Business Lines and Group Functions in Asia Pacific and encompass various aspects of Banking Services with a core business activity focusing on Corporate and Investment Banking.

The IS Auditor is responsible for the execution of audit assignments and controls with a strong focus on Information Systems (IS) and IT Infrastructures, in particular on fields like Information System Security, Project Management, Software Development Life Cycle, Change and Release Management and Production Support.

Key activities in audit assignment are to:

  • Execute all audit assignments in accordance with internal quality standards,
  • Prepare audit work programs in good understanding of the specific risks to be evaluated,
  • Assess the control environment of both 1st and 2nd Lines of Defense (LOD1 and LOD2)
  • Perform audit controls within the committed budget and deadline,
  • Maintain clear work papers and audit trail of the work done,
  • Debrief auditees based on factual and clear findings,
  • Propose relevant recommendations to improve SG processes and reduce risks,

When acting as the Head of Mission, the auditor is also responsible to:

  • Manage the relationship and communication with the main auditee(s)
  • Efficiently manages the resources assigned to the mission
  • Set objectives and assess the contribution of auditors assigned to the mission
  • Regularly report the progress of the mission to the supervisor
  • Write concise and clear reports to communicate audit results to the management

In addition, the auditor follows-up audit recommendations in a timely manner, assess whether the risks have been sufficiently mitigated to propose the closure of the recommendation, or to escalate to the audit supervisors and management when needed.

The auditor also contributes to the annual Risk Assessment to elaborate the audit plan and takes part to the Continuous Audit Monitoring processes to adjust the audit plan if significant risks arise.

The auditor contributes his/her expertise to the local and global Information System Audit community and provide advice to business auditors on Information Systems risks.

The auditor is pro-active and show full accountability in the respect of conduct and behavior and demonstrate a positive culture of compliance, risk awareness and ‘doing the right thing', towards internal stakeholders as well as clients and markets with which he/she is engaged.

Profile required

SG Business Lines and Group Functions in Asia Pacific cover various aspects of Banking Services with a core business activity focusing on Corporate and Investment Banking.

The position is based in Hong Kong with several short-term travels of 2-3 weeks expected throughout the year in Asia Pacific, and eventually in Paris.

The main focus of the role will be SG Information System’s business applications, IT infrastructures (network, servers and database) and IT services.

Technical competencies and job skills required:

  • Bachelor degree or above in related disciplines, e.g. Information Systems, Computer Science, Business etc
  • Minimum 7-10 years of total experience in Information System Audit and/or operational experience in Information Systems in areas such as:

              O Information System Risk and Security

-             O Cybersecurity

              O Project Management, Agile

  • Good knowledge of regulatory reform, operational risk procedures and other compliance functions within banking
  • Data analytics skills and capacity to analyze audit trails using scripts or BI tools is a plus
  • Internal Audit or IT risks and control background is preferred such as:

              O OCISA, CISSP, CEH or another IT audit certification

  • Proficient in French is preferred. 
  • For internal candidates, candidates with GBSU and GTS experience will also be considered

Behavioral competencies and soft skills required:

  • Able to work independently and proactively, demonstrating a strong sense of ownership and commitment to deliver quality audits on time
  • Adapt quickly to new environment and curious to learn and develop new skills/knowledge
  • Robust analytical skills to relate IT risks with potential business exposure
  • Good communication skills and ability to interact with management as well as operational staff
  • Fluent command of English, with good report writing and presentation skills
  • Team player

Behavioral Skills 

  • Team Spirit - Collective mindset: I favour the team’s interest over my own results
  • Team Spirit - Open mindset: I listen and share my views and my expertise in an open mode
  • Innovation - Thinking out of the box/Creativity: I propose new ideas and solutions
  • Responsibility - Courage: I express my convictions and make decisions with courage and respect.
  • Commitment - Sustainability: I strive to develop my skills and knowledge
  • Client - Risk: I strive to satisfy clients while taking into account risks for the company

Business insight

Company Description

Societe Generale is one of the leading European financial services groups. Based on a diversified and integrated banking model, the Group combines financial strength and proven expertise in innovation with a strategy of sustainable growth. Committed to the positive transformations of the world’s societies and economies, Societe Generale seeks to build together with its clients, a better and sustainable future through responsible and innovative financial solutions. Active in the real economy for over 150 years, with a solid position in Europe and connected to the rest of the world, Societe Generale has over 117,000 employees in 66 countries and supports 25 million individual clients, businesses and institutional investors worldwide (figures as of August 2023). We have a presence in 11 locations across Asia Pacific. With our regional headquarters in Hong Kong – a core hub of the worldwide Societe Generale Group – we employ around 2,300 employees in the region. In addition, Societe Generale's Global Solution Centre (SGGSC) in Bangalore and Chennai supports the Group in Asia Pacific and globally with customised business solutions.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Reference: 23000K6Y
Entity: Societe Generale Hong Kong Branch
Starting date: immediate
Publication date: 2023/09/12