- Develop and maintain corporate-wide technology risk management and cyber resilience policy and process in compliance with the regulator’s requirements;
- As a second line of defense, assist risk owners in identifying and measuring risks to build a corporate-wide cyber and technology risks profile;
- Assist senior management in overseeing cyber and technology risks by ensuring controls are properly designed, implemented and operated as intended, and ascertain the consistency of risk assignment;
- Review residual risk level and control effectiveness to make recommendation for risk treatment;
- Interpret key risk statistics for reporting to senior management on regular basis;
- Coordinate to evaluate emerging cyber threat scenario for continuous improvement on cyber security response preparation for Business Continuity Management (BCM);
- Promote security awareness and ensure compliance with applicable security standards;
- Participate in cyber threat intelligence analysis to gauge the prevailing cyber threat landscape, and make recommendation on improving the company risk posture;
- Keep abreast of technological knowledge in managed area of responsibility, and provide recommendations for adaptation of new technologies and standard with reference to prevailing industry best practices; and
- Perform other duties as assigned by the supervisor.
- University degree preferably in information technology, information security or related discipline;
- Minimum 5 years of experience in information security or technology risk management field, Candidate with less experience will be considered as Manager, Technology Risk & Cyber Resilience;
- Holder of security certificates - CRISC, CISA, CISM, CISSP or other equivalent certificates is preferred;
- Practical experience and knowledge in risk management framework and methodology;
- Knowledge in control frameworks such as C-RAF, TM-E-1, TM-G-1 published by the HKMA, SWIFT Customer Security Programme, etc.;
- Experience in working for financial institutions; and
- A good team player with sound interpersonal and communication skills, good command of English language and proficiency in Mandarin.
We offer competitive remuneration package and excellent career prospects to qualified candidates. Interested parties please send your full resumes with present and expected salaries to us.
All applications will be treated in the strictest confidence and personal data collected will be used for recruitment purposes only.