Manager (Technology Risk Management) Manager (Technology Risk Management) …

Hong Kong Interbank Clearing Limited
in Hong Kong, Hong Kong, Hong Kong
Permanent, Full time
Be the first to apply
Competitive
Hong Kong Interbank Clearing Limited
in Hong Kong, Hong Kong, Hong Kong
Permanent, Full time
Be the first to apply
Competitive
The incumbent will assist in managing technological risk by ensuring controls are properly designed, implemented and operated as intended in meeting various international / domestic standards and regulatory requirements. S/he will be responsible for developing and maintaining corporate-wide technology risk management framework, policy, guideline, standard, and operation procedures with reference to applicable best practices.

Major Responsibilities

  • Manage technological risk by ensuring controls are properly designed, implemented and operated as intended in meeting various international / domestic standards and regulatory requirements;
  • Develop and maintain corporate-wide technology risk management framework, policy, guideline, standard, and operation procedures with reference to applicable best practices;
  • Define technology risk indicators; collect, analyse and interpret the corresponding statistics for assisting senior management in overseeing technology risk;
  • Identify control gaps, review the residual risk level and make recommendation for risk treatment;
  • Recommend technology risk and security control measures and monitor the implementation for major projects;
  • Analyse security events for detection, investigation and response to potential security issue;
  • Maintain and monitor appropriate computer and network access controls, data, and physical security to ensure no security exposure;
  • Promote security awareness for all level of staff members; and
  • Perform other duties as assigned by supervisor(s).

Requirements

  • University degree preferably in information technology or related discipline;
  • Minimum 7 years of experience in technology risk / information security with in-depth exposure to system, network and application security, and production control methodologies, with at least 3 years’ experience at managerial level;
  • Expertise in security practices and standards commonly adopted by the banking/financial industry such as the Cyber Resilience Assessment Framework (C-RAF), ISO27001 standard, etc.;
  • Team player with sound interpersonal, communication and presentation skills as well as excellent problem solving and analytical skills;
  • Holder of security certificates - CRISC, CISA, CISM, CISSP or other equivalent certificates is preferred;
  • Good command of written and spoken English and Chinese, proficiency in Putonghua is an advantage;
  • Familiar with computer audit, ethical hacking methodologies and/or knowledge in SWIFTNet security standard would be an advantage
Close
Loading...