- Hong Kong Hong Kong
Ambition Hiring! Full Time Insurance - Internal IT Audit in Hong Kong - Ricebowl
Share
Save
Working Location
Job Description
Responsibilities
We are looking for an experienced Platform Quality Specialist to oversee defect tracking, vulnerability management, and audit follow‑up activities. This role is critical to maintaining the security, reliability, and regulatory compliance of our platforms and applications. The successful candidate will be hands‑on, detail‑oriented, and capable of driving strong quality controls and effective risk remediation.
Key Responsibilities
Audit and Compliance Tracking
Monitor and follow up on findings from internal and external audits. This includes coordinating remediation activities, collecting and validating evidence of issue closure, and providing accurate status reporting to stakeholders.
Security Risk and Vulnerability Management
Partner closely with the security team to manage findings from risk assessments and application vulnerability scans. Ensure issues are properly classified, prioritized based on risk, and assigned to the relevant teams, with progress tracked through to resolution.
Application Exception and Risk Mitigation Management
Manage application exception requests by working with application owners and security teams to define and document mitigation strategies for accepted risks. This includes establishing compensating controls, justifying risk acceptance, securing required approvals, and tracking exception status.
DevSecOps Tools and Pipeline Oversight
Collaborate with the DevSecOps team to implement and improve CI/CD pipelines. Leverage automation for application promotion, SAST and DAST scanning, and closely monitor remediation actions to ensure alignment with security and vulnerability standards.
Qualifications
Bachelor's degree in Computer Science, Information Technology, or a related discipline.
Minimum of 5 years' experience in IT vulnerability assurance, application risk management, or IT internal audit roles.
Strong understanding of the software development life cycle (SDLC), quality assurance practices, and defect management tools.
Solid knowledge of IT security fundamentals, vulnerability management processes, and common risk assessment frameworks.
Excellent analytical, problem‑solving, and communication skills, with the ability to work across technical and business teams.
Full-time
Key Responsibilities
Audit and Compliance Tracking
Monitor and follow up on findings from internal and external audits. This includes coordinating remediation activities, collecting and validating evidence of issue closure, and providing accurate status reporting to stakeholders.
Security Risk and Vulnerability Management
Partner closely with the security team to manage findings from risk assessments and application vulnerability scans. Ensure issues are properly classified, prioritized based on risk, and assigned to the relevant teams, with progress tracked through to resolution.
Application Exception and Risk Mitigation Management
Manage application exception requests by working with application owners and security teams to define and document mitigation strategies for accepted risks. This includes establishing compensating controls, justifying risk acceptance, securing required approvals, and tracking exception status.
DevSecOps Tools and Pipeline Oversight
Collaborate with the DevSecOps team to implement and improve CI/CD pipelines. Leverage automation for application promotion, SAST and DAST scanning, and closely monitor remediation actions to ensure alignment with security and vulnerability standards.
Qualifications
Bachelor's degree in Computer Science, Information Technology, or a related discipline.
Minimum of 5 years' experience in IT vulnerability assurance, application risk management, or IT internal audit roles.
Strong understanding of the software development life cycle (SDLC), quality assurance practices, and defect management tools.
Solid knowledge of IT security fundamentals, vulnerability management processes, and common risk assessment frameworks.
Excellent analytical, problem‑solving, and communication skills, with the ability to work across technical and business teams.
Full-time
Important Information
Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.
Learn More
