Assistant General Manager, Governance, Risk Management & Compliance

China CITIC Bank International Limited
in Hong Kong
Permanent, Full time
Last application, 08 Apr 21
Competitive
Posted by:
Rachel Chan • Human Resources Officer, Business Partner
Lead the team to strengthen the 1st line of defense to improve oversight of technology risk management with higher technical competence to support the rapid Fintech development and transformation initiatives.

Responsibilities:

  • Lead the team to strengthen the 1st line of defense to improve oversight of technology risk management with higher technical competence to support the rapid Fintech development and transformation initiatives.
  • Maintain and uphold the risk governance and management framework
  • Develop new, or maintain existing, Information Security / Cyber Security policies, standards and guidelines according to regulatory requirements and industry standards.
  • Organize and plan the corresponding actions to align with HKMA’s Cybersecurity Fortification Initiative (CFI) including but not limited to conducting risk and maturity assessment; adoption of intelligence sharing platform; and professional development.
  • Ensure IT practices and controls are adequately developed to address customer data leakage risk.
  • Manage the performance review of IT outsourcing and service providers in relation to their risk compliance with regulatory requirements and the Bank’s internal policy.
  • Provide consultancy and advice to the adoption of emerging
  • Organize bank-wide awareness or education programs to promote the security culture of the Bank.
  • Coordinate and respond to audit findings related to cybersecurity issues to satisfy the compliance requirements expected by regulators and auditors.
  • Uplift staff awareness of regulatory requirements on cybersecurity through proper communication and training.
  • Train/equip team staff and ensure they have the ability to perform the required work and can face the ever-changing technology.
  • Identify and retain talent with career progression plans. Plan back-up and contingency to minimize impact on existing service levels.
  • Conduct technology risk assessment for all internal application systems

 

Requirements:

  • Seasoned practitioner in TRM or Audit or Information Security Management.
  • Thorough knowledge of risk management practices in IT Infrastructure, IT Application and Service Management
  • Good at issue reporting/presentation and stakeholder management
  • Familiar with regulatory requirements such as HKMA (TM-E-1, TM-G-1, TM-G-2, SA-2), MAS, CBRC, FFIEC, etc.
  • Familiar with industry compliance requirements such as PCI-DSS, SWIFT CSP, etc.
  • Knowledge of overseas banking regulatory requirements, particularly in Singapore, China, Macau and US is an advantage
  • Good understanding of industry best practices e.g. ISO27001, COBIT etc.
  • Degree holder in Information Technology or related discipline.
  • At least 12 years' experience in audit, technology risk management or information security management.
  • At least 6 years’ experience in people management.
  • Obtained Core / Professional level qualification of Relevant Practitioner under HKMA ECF on Cybersecurity
  • CISSP, CISA, CISM or other recognized certification is a must

 
