Assistant Manager / Manager, IT Process and Control

Job Responsibilities

• As part of the first line of defence control function of IT Department and support IT management to manage Technology and IT Operational Risk

• Work closely with Technology & Operational Risk management staff in the second line of defence to ensure consistency of policies and tools, as well as to report on results and issues

• Conduct risk control self-assessments to identify and evaluate risks and associated controls for IT Department

• Manage and provide oversight of completion of follow-up and remedial actions identified during the risk assessment process

• Liaise and coordinate with other control functions across the Bank on standards & regulatory interpretation, and other activities around technology & operational risk controls 

• Assist to promote a positive risk culture and risk awareness across IT Department

• Support Business Continuity Management related activities for the IT Department

• Create and maintain policies and procedures within IT Department

• As internal control to review and endorse authorization requests and critical changes

• Ensure IT operations and governance adhere to HKMA SPMs

• As focal point and coordinator for external or independent reviews and examinations

• Support vendor management process and handle procurement requests

• Manage financial budgeting, payments and accrual reporting

Job Requirements

• At least 3 years of experience in technology risk, regulatory compliance, or similar risk & control function from the banking and finance industry

• Excellent ability to influence without direct management authority to drive deliverables.

• Excellent communication skills and interpersonal skills to a wide range of individuals and groups and at different levels of seniority. 

• Innovative and able to assess needs and propose solutions 

• Strong communication in written and speaking English and Mandarin

• Strong time management skills 

• Self-starter who has experience in dealing with varieties of cultures

• Open personality with effective communication skills

• Familiarity with HKMA SPM on E-banking (TM-E-1), Technology Risk Management (TM-G-1), BCP (TM-G-2), Outsourcing (SA-2)

• Degree in information system, computer science, information security, computer engineering or risk management qualifications desirable 

• Certifications CISA, CISSP, CIA, CRISC or ITIL desirable