Manager (Technology Risk Management) Manager (Technology Risk Management) …

Hong Kong Interbank Clearing Limited
à Hong Kong, Hong Kong, Hong Kong
CDI, Plein-temps
Dernière candidature, 14 juil. 20
Competitive
Hong Kong Interbank Clearing Limited
à Hong Kong, Hong Kong, Hong Kong
CDI, Plein-temps
Dernière candidature, 14 juil. 20
Competitive
The incumbent will assist in managing technological risk by ensuring controls are properly designed, implemented and operated as intended in meeting various international / domestic standards and regulatory requirements. S/he will be responsible for developing and maintaining corporate-wide technology risk management framework, policy, guideline, standard, and operation procedures with reference to applicable best practices.

Major Responsibilities

  • Manage technological risk by ensuring controls are properly designed, implemented and operated as intended in meeting various international / domestic standards and regulatory requirements;
  • Develop and maintain corporate-wide technology risk management framework, policy, guideline, standard, and operation procedures with reference to applicable best practices;
  • Define technology risk indicators; collect, analyse and interpret the corresponding statistics for assisting senior management in overseeing technology risk;
  • Identify control gaps, review the residual risk level and make recommendation for risk treatment;
  • Recommend technology risk and security control measures and monitor the implementation for major projects;
  • Analyse security events for detection, investigation and response to potential security issue;
  • Maintain and monitor appropriate computer and network access controls, data, and physical security to ensure no security exposure;
  • Promote security awareness for all level of staff members; and
  • Perform other duties as assigned by supervisor(s).

Requirements

  • University degree preferably in information technology or related discipline;
  • Minimum 7 years of experience in technology risk / information security with in-depth exposure to system, network and application security, and production control methodologies, with at least 3 years’ experience at managerial level;
  • Expertise in security practices and standards commonly adopted by the banking/financial industry such as the Cyber Resilience Assessment Framework (C-RAF), ISO27001 standard, etc.;
  • Team player with sound interpersonal, communication and presentation skills as well as excellent problem solving and analytical skills;
  • Holder of security certificates - CRISC, CISA, CISM, CISSP or other equivalent certificates is preferred;
  • Good command of written and spoken English and Chinese, proficiency in Putonghua is an advantage;
  • Familiar with computer audit, ethical hacking methodologies and/or knowledge in SWIFTNet security standard would be an advantage
Close
Loading...