IT Risk / IT Audit - Senior Consultants / Consultants


  • Analyse and evaluate client’s IT risks and controls, provide IT risk reduction recommendations, and assist in implementing solutions.
  • Conduct benchmarking and gap analysis with IT risk related industry frameworks (i.e. NIST, ISO, COBIT etc.) and provide recommendations.
  • Conduct audit engagements with numerous engagement team members, include assisting with planning, execution and scheduling staff.
  • Provide IT general controls and application controls audit support to external audit.
  • Determine the objectives, scope and extent of each audit and ensure that the audit is professionally and efficiently completed within deadlines.
  • Prepare and present IT risk reports in a professional and concise manner.
  • Perform security and vulnerability assessment, assist in compliance monitoring review to identify control weaknesses and recommend remedial actions.
  • Provide an advisory role to business units and IT groups to assess security requirements and controls; to enforce security control policies as planned.


  • Bachelor Degree in Computer Science, Information Management, Accounting, or other related disciplines.
  • Senior Consultant should possess 2+ years’ working experience within IT Audit, IT Information Security or IT Risk; less experienced may be considered for the position of Consultant.
  • Professionally qualified in CISA, CPA, CSX or other specialist skills/qualifications (e.g. CISSP, CISM, CEH, OSCP, PMP, and PRINCE 2) for the position of Senior Consultant.
  • Strong command of written and oral communication skills (English & Chinese).
  • Confident with excellent presentation skills.
  • Good interpersonal, communication and problem solving skills.

RSM offers attractive rewards package and promising career prospects to the right candidates.  Applicants please send resume, quoting the Ref. TMC, with full career details and availability to the email address [email protected].

(Data collected will be used for recruitment purpose only)