Manager, Group Technology Risk Management

Hong Kong, HK, HK


Job Description

The Job

  • Review risk assessments of technology and operations for services and products serving our Group and customers;
  • Provide advisory services to business units related to risk, process, technology and corporate governance;
  • Facilitate risk assessments with reference to security and/or regulatory requirements such as ISO/IEC 27001, PCI DSS, HKMA C-RAF(SVF), PDPO, etc.;
  • Mentor junior staff and provide supervision;
  • Manage and coordinate vendors in different projects and engagements;
  • Provide practical recommendations based on technical and business operations;
  • Formulate and revamp the Information Technology (IT) related policies, procedures and guidelines;
  • Promote the awareness of risk management and information security across the Group;
  • Facilitate the enterprise risk management process;
  • Assist in incident handling and track respective follow-up tasks;
  • Research and monitor technology innovation, including cybersecurity trends; and
  • Ad hoc tasks as assigned by supervisor.

 

The Person

  • Professional attitude, strong accountability, self-motivated, a good team player, able to multi-task and to work independently and under pressure;
  • Strong communication, stakeholder management, analytical and problem-solving skills;
  • Degree holder in Computer Science, IT or related disciplines;
  • 4 to 5 years of relevant experience in technology risk, IT compliance, IT audit or IT security from professional firms (Big4), financial institutions, technology firms and MNCs;
  • Certification in Information Security, IT controls and management disciplines such as CISA, CISM, CISSP, CGEIT, ITIL, ISO Lead Auditor preferred;
  • Solid knowledge of IT, information security, risk management frameworks, business continuity, incident handling, cloud assessment (AWS/Azure/GCP), blockchain/stablecoin, Web3, DevOps, DevSecOps and CI/CD;
  • Familiar with regulatory and industry standards, for example ISO/IEC 27001, PCI DSS, COSO, ITIL, PDPO, HKMA C-RAF(SVF), HKMA SPM, etc.;
  • Experience in leading a small team to deliver projects or services; and
  • Good command of both written and spoken English and Chinese.


Tags: Audits AWS Azure Blockchain C CI/CD CISA CISM CISSP Cloud Compliance Computer Science DevOps DevSecOps GCP Governance ITIL PCI DSS Risk assessment Risk management RMF

Region: Asia/Pacific
Country: Hong Kong
