Information Systems Security Manager (TISO)
- Review and enforce information security policy, standards and guidelines for IT business application and infrastructure projects
- Identify IT security risks, including those in IT business application and infrastructure projects
- Conduct security assessments for business application and infrastructure projects
- Undertake new security projects to improve the security controls, efficiency and ease of use
- Execute outsourcing reviews
- Perform process re-engineering and efficiency improvement for the unit
- Degree in Computer Science or equivalent.
- Certified Information Systems Security Professional, Certified Information Systems Auditor, Certified in Risk and Information Systems Control or Certified Ethical Hacker certification is desired.
- Independent and able to perform tasks with minimum supervision.
- Excellent communication and interpersonal skills with good command of English.
- Has a very strong commitment to personal development and a drive to develop himself / herself technically and professionally.
- Knowledgeable in IT controls, Application security and risk management methodology.
- Competent in conducting application security/risk assessment.
- Familiarity with Digital Banking, FinTech and Outsourcing will be an advantage.
- Has in-depth knowledge of information security risks and concepts of new technologies, such as blockchain, cloud, mobile payment, Hadoop, etc.
- Application development experience and knowledge of programming/coding will be an advantage.
- Knowledgeable in application penetration testing methodologies, such as OWASP.
- Knowledgeable in the use of cryptographic controls.
- Good knowledge of compliance with MAS TRM, ABS, BNM, HKMA, CBRC and other guidelines will be an advantage.