Manager, IT Security (Information Technology Department)

Responsibilities

• Maintain all the Bank’s policies and procedures regarding to information and Cybersecurity.
• Maintain and follow the regulatory requirements on security such as HKMA Cybersecurity Fortification Initiatives (CFI) requirements so as to wider the security protection perspectives of the Bank.
• Lead and perform vulnerability assessment to the Bank’s IT system.
• Lead and perform system and network configuration hardening reviews to ensure the system and network security of the Bank.
• Study, evaluation and implement the Information or Cybersecurity solutions for Cybersecurity protection perspectives, and provide technical & administrative support to related systems.

Requirements

• Degree holder in Computer Science or Engineering or related disciplines
• CISA / CISM / CISSP or equivalent is preferred
• Minimum 5 years of relevant working experience in IT Security, Information Security or IT Audit.
• Solid experience in Information / Cybersecurity controls and reviews to ensure the adequate controls and the adherence to Security Policies and Standards of the Bank.
• Solid experience and understanding of regulatory requirements such as HKMA SPM, Cybersecurity Fortification Initiatives (CFI), SFC, PCI-DSS and etc.
• Qualifications in ECF is preferred.
• Experiences and understandings in Cyber Security principles, Information security risk managements & controls.
• Familiar with the security practices on patch management, key / certificate management, privileged account management, vulnerability scanning, software / application whitelisting, APT protection, system hardening.
• Knowledge on security features of firewall, router, switch, IPS/IDS, APT, VPN, Database, Windows / Linux / AIX platforms.
• Understanding of the banking systems and applications are preferred.