Tier 1 Investment Bank - Technology Risk Senior Manager

Location: Hong Kong, Hong Kong
Gehalt/Honorar: Bonus
Veröffentlicht vor: seit 21 Tagen
Vertragsart: Permanent
Branche: Cyber Security & Technology Risk
Name des Kontakts: Rita Yu
Kontakt via E-mail:

Rita Yu

See more of Rita Yu's jobs

Tier 1 Investment Bank - Technology Risk Senior Manager

Tier 1 Investment Bank - Technology Risk Senior Manager

Job Purpose

The candidate will be responsible for execution of risk processes and assessments to fulfil Technology Risk Management (TRM) objectives as well as regulatory requirements.

Great Exposure

  • Oversight the US, Singapore, China, Macau and Hong Kong Business to support the Business Units, IT department and the regulatory bodies occasionally.
  • Opportunities to meet with different industries professionals through networking events, Chamber of Commerce
  • Work life balance working environment

Job Responsibilities

  • Support execution of TRM framework by reviewing the adequacy of the implemented controls
  • Conduct technology risk assessment and advise management on the status of risk acceptance or mitigation when residual risk persists
  • Perform the vulnerability scanning and penetration testing if necessary
  • Conduct Cybersecurity risk and maturity assessment in accordance to the HKMA's requirement
  • Keep track of Cyber risk intelligence from regulatory initiated platform and industry alliances, and advise the corresponding preventive actions
  • Provide consultancy and advice to the adoption of emerging and disrupting technologies by new initiatives in relation to technology risk
  • Identify, response and monitor the technology risk
  • Prepare the bank-wide awareness or education program to promote the security cultures of the Bank
  • Maintain the TRM framework by referring to the best practice of risk governance and management


  • Degree holder preferably in IT or relevant discipline
  • Minimum 5 years' related experience in IT related functions including at least 3 years in Audit, TRM or Information Security Management
  • Obtained Core/Professional level qualification of Relevant Practitioner under the HKMA ECF on Cybersecurity
  • Certified in CISSP, CISA, CISM or other recognized certificate is a must
  • Holder of ethical hacking certification (e.g. CEH) would be an added advantage
  • Sound knowledge in cryptographic techniques, firewall/network, DLP, APT, DDoS and vulnerability management
  • Familiar with regulatory requirements such as HKMA SPM, C-RAF, iCAST, MAS and PCI-DSS
  • Good understanding of industry best practices e.g. ISO27001 and COBIT
  • Good command of spoken and written English and Chinese (including Putonghua)

Ähnliche Jobs