Human Resources Officer, Business Partner
Build to reinforce IT governance and compliance monitoring segregated from the IT operation and implementation to liaise the technology standard and compatibility with new technology;
- Build to reinforce IT governance and compliance monitoring segregated from the IT operation and implementation to liaise the technology standard and compatibility with new technology;
- Enhance the compliance monitoring in order to minimize potential risk, performance issue and other audit issues, which is in line with the expectation of the Bank and the regulators.
- Strengthen the 1st line of defense to improve oversight of technology risk and support the rapid Fintech development and transformation initiatives.
- Maintain and uphold the risk governance and management framework
- Assist to develop and maintain Information Security Policy and Cyber Security Strategy, associated standard and guidance pertaining to regulatory requirement and industry standard.
- Organize and plan the corresponding actions to align with HKMA’s Cybersecurity Fortification Initiative (CFI) including but not limited to conducting risk and maturity assessment; adoption of intelligence sharing platform; and professional development.
- Ensure IT practices and controls are adequately developed to address information leakage risk.
- Provide advice to the adoption of emerging technologies not limited to services and products.
- Organize bank-wide awareness education program and necessary trainings to promote the security cultures of the Bank.
- Coordinate and respond to audit issues in relation to Cybersecurity to satisfy the compliance requirement.
- Assist the KRI reporting and review indicator when requested, support to provide materials for committee meetings.
- Perform risk assessment to ensure oversight of technology risk across domains of IT infra and security expertise
- Evaluate technology deviation and liaise with IT teams of implementation process
- Liaise external 3rd party to conduct independent assessment.
- Perform gap analysis on HKMA CRAF framework and associated guidance
- Provide input to Planning and Control team for inspections and examinations by the regulators, internal audit and external audits; handle information request and follow up IT related recommendations.
- Degree holder in Information Technology or related discipline.
- Minimum 9 years’ experience in IT and/or Information Security/Technology Risk Management, 3 years in people management
- Obtained Core / Professional level qualification of Relevant Practitioner under HKMA ECF on Cybersecurity
- Certified in CISSP, CISA, CISM or other recognized certificate is a must
- ITIL/PMP certification is preferred
- Certified in CEH, GIAC, CCNP would be an added advantage