Technology Risk Manager (IT Security) – Information Technology Department

Responsibilities:

• Participate in Information and Cyber Security projects for the Design, development and implementation.

• Assist in planning of technology related risk management strategies, processes and work plans.

• Formulate and manage information security policies, standards and procedures.

• Plan and conduct information security assessment and IT risk evaluation in area covering IT general controls, information asset management, access controls and security review. 

• Assist business units and cross-functional teams in identifying and mitigating information security risks.

• Communicate to business units and cross-functional teams regarding information security risk issues and/or control gaps, and recommends remediation initiatives.

• Create and manage information security awareness training programs for all employees, contractors and approved system users.

Requirements:

• Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.

• Over 3 years of experience in IT security, technology risk, risk management, system development management.

• Demonstrated experience working with the regulators and external auditor.

• Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CISM, CCSP is preferable.

• Good command of written and spoken English and Mandarin is preferable.

• Independent, strong self-initiative and with passion in information security and cyber security professional.