Job Responsibilities
Perform the technology risk management process which identifies, measures, monitors and controls technology-related risks of existing/new systems, processes and initiatives
Ensure awareness of, and compliance with, the Bank's IT control policies, and to provide report with recommendations, if any, after investigation of any technology-related incidents
Implement risk issue management procedures for assuring the required policies and guidelines are enforced in daily operation
Recommend and implement remedial actions and control measures
Plan and work with the technology team and any concerning parties on technology related initiatives
Perform review and/or security assessment on the related initiatives
Job Requirements
University graduate with major in Computer Science, IT or related disciplines, with professional qualification such as CISSP, CISM, CISA, CREST CPSA / CRT, CEH is preferred
At least 5 to 7 years of relevant work experience in IT / Cybersecurity Security, e-Banking security, BCP/DR and/or relevant risk control area
Solid experience in handling technical information / cybersecurity security issues and good understanding of business processes and related regulations including HKMA TM-G-1, TM-G-2, SA-2, C-RAF, STDB, SFC, PDPO, etc.
Proven experience in writing policies, procedures and reports is a must
Familiar with infrastructure platforms, e.g. Data Centre Operations, Network Services (Voice / Data / Routing & Switching, security), Messaging, Desktop technology, Distributed Servers (UNIX and Windows), Mainframe etc.
Knowledge / experience on ISO27001 is an advantage
Work independently with good communication and interpersonal skills
Conversant with MS Word, Excel & Chinese character input
Good command of written & spoken English and Chinese including Putonghua