Senior Manager, Technology Risk
Hong Kong, HK
Dah Sing Bank
Job Roles:
• Design, develop and update technology risk related policies, standards and guidelines.
• Perform risk assessments on IT projects, including but not limited to enhancements and/or new adoption of technologies across information security, infrastructure and application systems.
• Assess and manage cyber security risks, including but not limited to governance, identification, protection, detection, response, recovery, to increase the cyber resilience and the overall system stability.
• Provide day-to-day technology risk advisory to all IT departments and technology risk management support to the subsidiaries in Macau and China.
• Coordinate IT and technology risk related responses across the organization for regulatory inspections, 2LOD risk review, internal and external audits, and perform gap analysis against new or updated regulatory requirements.
• Assist to perform day-to-day risk monitoring and reporting risks to the responsible management and ensuring that the residual risks are being managed.
• Apply process to ensure that IT operational and control risks are at an acceptable level within the risk thresholds of the bank, by evaluating the adequacy of risk management controls.
• Assist in communicating the risk management standards, policies and procedures to stakeholders.
• Assist in defining appropriate framework for technology risk and/or cybersecurity monitoring (including monitoring requirements, indicators, datasets, collection and analytical methods).
• Assist to promote risk awareness and culture within the Division.
• Carry out ad-hoc tasks as required by management.
Skills and experience:
• At least 10 years of Technology risk experience, preferable in the Banking industry
• Solid knowledge of technology risk regulatory requirements in Hong Kong, Macau and China
• Good understanding of IT systems, emerging technologies, and infrastructure along with the relevant controls required to mitigate risks
• Relevant knowledge and proven experience in IT risk assessment, cybersecurity, access control principles and operation, application security
• Excellent written and verbal communication skills including ability to communicate clearly and concisely to various levels
• Ability to communicate and understand Chinese as the regulatory requirements are written in the local language
• Ability to adapt to a fast-moving IT landscape and keep pace with new technologies
• Analytical mind-set and meticulous in the deliverables
• Bachelor's degree in Computer Science, Information Technology, Information Systems Management or related discipline
• Holder of CISSP, CISM, CISA or equivalent is a must
• Dedication to fostering an inclusive culture and value diverse perspectives
• Candidate with less experience will be considered as an Manager position
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Banking CISA CISM CISSP Computer Science Governance Monitoring Risk assessment Risk management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.