Senior Manager/Manager, Technology Risk Management, RMD
- Perform the technology risk management process which identifies, measures, monitors and controls technology-related risks of existing/new systems, processes and initiatives
- Ensure awareness of, and compliance with, the Bank's IT control policies, and to provide report with recommendations, if any, after investigation of any technology-related incidents
- Implement risk issue management procedures for assuring the required policies and guidelines are enforced in daily operation
- Recommend and implement remedial actions and control measures
- Plan and work with the technology team and any concerning parties on technology related initiatives
- Perform review and/or security assessment on the related initiatives
- University graduate with major in Computer Science, IT or related disciplines, with professional qualification such as CISSP, CISM, CISA, CREST CPSA / CRT, CEH is preferred
- At least 5 to 7 years of relevant work experience in IT / Cybersecurity Security, e-Banking security, BCP/DR and/or relevant risk control area
- Solid experience in handling technical information / cybersecurity security issues and good understanding of business processes and related regulations including HKMA TM-G-1, TM-G-2, SA-2, C-RAF, STDB, SFC, PDPO, etc.
- Proven experience in writing policies, procedures and reports is a must
- Familiar with infrastructure platforms, e.g. Data Centre Operations, Network Services (Voice / Data / Routing & Switching, security), Messaging, Desktop technology, Distributed Servers (UNIX and Windows), Mainframe etc.
- Knowledge / experience on ISO27001 is an advantage
- Work independently with good communication and interpersonal skills
- Conversant with MS Word, Excel & Chinese character input
- Good command of written & spoken English and Chinese including Putonghua