Senior Technology Risk Manager / Technology Risk Manager (2nd line of defense)
- Formulate technology risk management strategies, policy, processes and work plans.
- Review IT initiatives from technology risk perspectives and provide advisory and recommendation.
- Research and evaluate latest security threats and technology solutions, such as Cloud, Big Data, Artificial Intelligence, Social Networking and Mobility.
- Review security architecture and relevant policies for the organization infrastructure, applications and cyber resilience.
- Perform 2nd line assurance reviews.
- Prepare management reports on technology risk assessment or review results.
- Coordinate IT related regulatory examinations and enquiries.
- Bachelor Degree holder or above with major in Information Technology or related disciplines.
- At least 6-8 years' experience in IT security, technology risk or IT audit field of banking industry
- Holders of Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM) is preferred
- Sound knowledge in HKMA requirements and industrial security standards. Knowledge / experience in technology risk management in Southeast Asian countries will be an advantage
- Be able to work independently and under pressure. Be a good team player.
- Proficiency in Mandarin; good Chinese and English report writing skills