isecjobs.com

Senior / Technology Risk Manager (Cyber Security Control Division)

Hong Kong

Full Time Senior-level / Expert USD 53K - 99K *
Bank of China (Hong Kong) logo

Bank of China (Hong Kong)

View all jobs at Bank of China (Hong Kong)

Apply now Apply later

  1. Roles and Responsibilities & Specific Requirements (Application Security):
  • Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
  • Assist to establish and review policies, guidelines, procedures in application security area
  • Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
  • Conduct regular assessment on application security
  • Familiar with security testing tools e.g. Fortify, AppScan and Nessus, technologies on DevSecOps and industry good practice OWASP is preferable

 

  1. Roles and Responsibilities & Specific Requirements (Cyber Security):
  • Provide Cyber Security incident response operation and support.
  • Experience in OSINT, malware analysis and digital forensics.
  • Research and evaluate on latest security threats and Cyber Threat Intelligence.
  • Participate in Red & Purple Teaming exercises.
  • Familiar with technologies on Firewall, IDS, IPS, SIEM, SOAR  and Network/Cloud Infrastructure is preferable.

 

  1. Roles and Responsibilities & Specific Requirements (Platform Security):
  • Research and evaluate latest trend & technologies on information security and fintech area, such as FinTech, Artificial Intelligence, Big Data, Cloud Computing etc
  • Conduct regular assessment on data center security

 

General Job Requirements:

  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
  • Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
  • Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
  • Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
  • Good command of written and spoken English with Mandarin is preferable and
  • Good communication and interpersonal skills;
Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Categories: Compliance Jobs Leadership Jobs

Tags: Application security Artificial Intelligence Audits Big Data CISA CISSP Cloud Compliance Computer Science CRISC DevSecOps FinTech Firewalls Forensics IDS Incident response IPS Malware Nessus OSINT OWASP Risk management RMF Security assessment SIEM SOAR Threat intelligence

Region: Asia/Pacific
Country: Hong Kong

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Specialist jobsPenetration Tester jobsSenior Cyber Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsSenior Network Security Engineer jobsInformation System Security Officer jobsCloud Security Architect jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsCybersecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsFinance jobsDoDD 8570 jobsTerraform jobsBash jobsITIL jobsOWASP jobsCRISC jobsUNIX jobsGIAC jobsDocker jobsCompTIA jobsIntrusion detection jobs
TCP/IP jobsBanking jobsSANS jobsThreat detection jobsData Analytics jobsActive Directory jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsCyber defense jobsVPN jobsIT infrastructure jobsJavaScript jobsSOC 2 jobsAnsible jobsSOX jobsDNS jobsSOAR jobsJira jobsGCIH jobsSecurity strategy jobsOracle jobsNIST 800-53 jobsCryptography jobs