Technology Information Security Manager
- Review and enforce information security policy, standards and guidelines for IT business application and infrastructure projects
- Identify IT security risks including IT business application and infrastructure projects
- Conduct security assessments for business application, infrastructure projects and third-party service providers
- Undertake new security projects to improve the security controls, efficiency and ease of use
- Perform process re-engineering and efficiency improvement for the team
- Degree in Computer Science or equivalent.
- Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Risk and Information System Control, Certified Ethical Hacker, will be desired.
- Independent and able to perform tasks with minimum supervision.
- Excellent communication and interpersonal skills with good command of English.
- Have a very strong commitment to personal development and drive to develop himself / herself technically and professionally.
- Knowledgeable in IT controls, application security and risk management methodology.
- Competent in conducting infrastructure, application and third-party security risk assessment.
- Familiarity in Digital Banking and FinTech solutions will be an advantage
- Has in-depth knowledge of information security risks, concepts of new technologies, such as blockchain, cloud, mobile payment, hadoop, etc.
- Knowledgeable with cryptographic algorithm/functions and key management.
- Knowledgeable in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc guidelines and regulatory notices.
- Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage.
- Knowledgeable with application development experience and programming/coding will be an advantage.