Career

Career

Job Position
Manager (Technology Risk Management)
Major Responsibilities
  • Manage technological risk by ensuring controls are properly designed, implemented and operated as intended in meeting various international / domestic standards and regulatory requirements
  • Develop and maintain corporate-wide technology risk management framework, policy, guideline, standard, and operation procedures with reference to applicable best practices
  • Define technology risk indicators; collect, analyse and interpret the corresponding statistics for assisting senior management in overseeing technology risk
  • Identify control gaps, review the residual risk level and make recommendation for risk treatment
  • Recommend technology risk and security control measures and monitor the implementation for major projects
  • Analyse security events for detection, investigation and response to potential security issue
  • Maintain and monitor appropriate computer and network access controls, data, and physical security to ensure no security exposure
  • Promote security awareness for all level of staff members
  • Perform other duties as assigned by supervisor(s)
Requirements
  • University degree preferably in information technology or related discipline
  • Minimum 7 years of experience in technology risk / information security with in-depth exposure to system, network and application security, and production control methodologies, with at least 3 years’ experience at managerial level
  • Expertise in security practices and standards commonly adopted by the banking/financial industry such as the Cyber Resilience Assessment Framework (C-RAF), ISO27001 standard, etc.
  • Team player with sound interpersonal, communication and presentation skills as well as excellent problem solving and analytical skills
  • Holder of security certificates - CRISC, CISA, CISM, CISSP or other equivalent certificates is preferred
  • Good command of written and spoken English and Chinese, proficiency in Putonghua is an advantage
  • Familiar with computer audit, ethical hacking methodologies and/or knowledge in SWIFTNet security standard would be an advantage
Application Method
Interested parties please send your curriculum vitae stating your current and expected salaries, and the contact phone number to the Human Resources Division, Unit B, 25/F, MG Tower, 133 Hoi Bun Road, Kwun Tong, Kowloon or e-mail it to hrm@hkicl.com.hk.
All applications and personal information collected will be treated in strict confidence and only be used for the purpose of recruitment and selection. The information collected will be accessed by our authorized personnel only. Unsuccessful applications will be retained for two years for possible future job matching, and will be destroyed after the expiry of two years.