Technology Risk Manager

My client is a leading Chinese Bank, looking for a high-calibre candidate to support 2nd-line technology risk.

Responsibilities

• Provide Information security consultancy and to perform IT security review
• Develop and maintain security policy and standards to define security baseline requirements of the Bank
• Manage and review third-party security management to assure that relevant security controls are in place
• Conduct vulnerability scanning, identification, assessment & management in timely manner
• Coordinate penetration testing coordination & issue resolution to ensure vulnerabilities identified are timely mitigated
• Review compliance with security requirements and standards (e.g. HKMA C-RAF) to assure that the Bank are compliance with the relevant security requirements and standards
• Review infrastructure defense to consolidate effective perimeter defense

Requirements

• Bachelor's Degree holder in Computer Science, Information System, Business Administration or equivalent
• At least 5 years of experience in information & cyber security, technology risk, regulatory compliance, risk & control from the banking industry / consultancy to banks
• Extensive knowledge on information and cybersecurity principles and best practices
• Practical experience in conducting information security risk assessment
• Familiar with the regulatory environment of the banking and finance industry such as HKMA Cyber Resilience Assessment Framework C-RAF.
• Holder of certifications in information security / IT compliance (e.g. CISSP, CISA or CISM etc.)
• Excellent commands in Chinese (Mandarin preferred) is a must

*Welcome IANG holder

If this job isn't quite right for you, but you know someone who would be great at this role, why not take advantage of our referral scheme? We offer HKD1000 in Apple gift cards for every referred candidate who we place in a role. Terms & Conditions Apply. https://www.ambition.com.hk/refer-a-friend