Technology Risk Management - Manager (Cyber Security)
Roles and Responsibilities:
- Provide advisory and recommendation from risk perspective.
- Provide Cyber Security incident response operation and support.
- Research and evaluate on latest security threats and Cyber Security Intelligence.
- Assist to establish infrastructure review processes on network and infrastructure operation.
- Participate in Cyber Security projects for the Design, development and implementation.
- Participate in Red Team testing.
- Assist in planning of technology related risk management strategies, processes and work plans.
- Manage independent penetration test for the corporate infrastructure.
Familiar with security testing tools e.g. Fortify, AppScan and Nessus is preferable.
- Familiar with technologies on Firewall, IDS, IPS, SIEM , DevSecOps and Network/Cloud Infrastructure is preferable.
- Familiar with industry good practice OWASP is preferable.
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
- Sound knowledge of application security, network security or platform security.
- Good command of written and spoken English with Mandarin is preferable.
- Good communication and interpersonal skills; and
- Independent and strong self-initiative.
- Candidate with less experience will be considered