Information Security and Risk Officer - 10 Months Contract

  • Competitive
  • Hong Kong Hong Kong Hong Kong HK
  • Contract, Full time
  • Societe Generale
  • 17 Mar 18 2018-03-17

Information Security and Risk Officer - 10 Months Contract


SG CIB is the Corporate and Investment Banking arm of the Société Générale Group. Present in over 50 countries across Europe, the Americas and Asia. SG CIB provides corporate, financial institutions, investors and public sector clients with value-added integrated financial solutions.


Main Responsibilities

  • Conduct risk analysis and present recommendations to department managers and other senior leadership on information security topics
  • Perform information security risk assessments, ad hoc spot checks of risky areas, regulatory risk assessments, offshoring agents and services assessments, website penetration testing planning, application security assessment coordination and other security controls (e.g. exception management, bypass, etc)
  • Ensure information security framework is properly implemented
  • Management of user access right exception request
  • Coordinate with the respective team to deploy application in security tools and review the tools referential on needs basis (e.g. organization change)
  • Deliver security awareness and tools training in the form of, and not limited to, email communications, classroom training/presentation
  • Coordinate, produce and manage the delivery of The Information Security Monthly report / indicators

Day to day production:
  • Handle security exception requests raised
  • Run recurrent information security controls
  • Contribute to the enhancement of the information security tackling issues met during the execution of these controls
  • Manage the relationships with expert teams in head office to ensure these controls are efficient
  • Perform spot checks to measure proper execution of these controls
  • Coordinating with offshore team and supervising offshore deliverables
  • Manage the Information Security governance with the infrastructure group
  • Identify and manage with the infrastructure group all related information security issues

Be part of the team
  • To actively coordinate and cooperate with other IT and IT Security teams (local, global and regional) to ensure best IT Security practices
  • Follow-up on strategic projects and security issues


Candidate Profile


  • Bachelor's degree or equivalent on Information Technology (including information security)
  • Advanced security certifications must have (CISSP and / or CISM)
Past Experience

  • >3 years experience in Information Security (in an Investment banking would be a big plus)


  • Fluent English and Chinese
  • French an advantage
Technical Skills

  • Knowledge of Information Security standards and best practices
  • Proficient computer skills, especially Microsoft Office applications (VBA is a plus)

General Competencies

  • Results Orientation
  • Client Focus
  • Accountability
  • Rigour & Transparency
  • Courage & Discipline
  • Co-Operation

Personal Abilities

  • Transparent communication
  • Persuasion skills
  • Exceptional analytical and problem-solving skills
  • Team player and fast learning