Head of Technology Risk Compliance

Responsibilities

• Regular review on the bank’s security posture against standard and industrial practice 
• Review the projects/process compliance level with the bank’s security standard
• Review the audit work and recommended actions and follow-up
• Review and follow HKMA CRAF and MAS assessment and simulation attack
• To oversee and monitor routine security administration compliance
• Maintain IT and vendor contact lists for both using Local and Group IT services

Requirements

• Tertiary education in computer science and related subject. Holder of CISSP, CISA or CISM
• Knowledge and skills on application security scanning, IT security and compliance, HKMA CRAF requirements and mitigation control, Threat Intelligence review and IOC assessment
• 10 years or above in IT Security and technology risk management