Senior Manager, Information Security
- Hong Kong
- Permanent, Full time
- China CITIC Bank International Limited
- 19 Sep 16
Job Purpose: Ensure IT infrastructure setup and operations are aligned with the Bank’s internal policy and regulatory requirements by implementing IT security solutions.
• Develop and maintain information security policy, standard and baseline.
• Support and define IT security framework to guard against security exposure and technology risk.
• Conduct risk assessment on IT related initiatives, technology related outsourcing, e-Banking and public cloud related on project design and implementation to meet the requirements of HKMA, compliance, internal policy and best practices.
• Ensure the system, network and database security in compliance with established policy, standard and baseline.
• Manage and handle the vulnerability scanning/penetration testing for i-Banking and credit card data related systems to ensure security compliance.
• Execute and manage the cyber security matters.
• Provide support to the disaster recovery plan.
• Act as focal point to liaise with auditors regarding IT infrastructure.
• Provide suggestion and advice to IT application for security compliance.
• Degree holder in Information Technology or related discipline
• Holder of CISSP, CISM or CISA preferred
• Minimum 5 or 7 years experience in IT security and technology risk management
• Knowledge on operations system platforms, such as Windows, Unix, Linix
• Familiar with network security products, such as Firewall, Router, Switch, IDS/IPS, DDosS, Load-balancer, SSL VPN, End-point protection, DLP and APT solution
• Familiar with encryption technology and security standards for VDI, Mobility, Cloud, etc.
• Experience in application security control review is a big advantage.
• Experience in handling vulnerability/penetration test service provider and PCI-DSS assessor
•Knowledge on regulatory requirements such as HKMA, MAS, PCI-DSS