Technology Risk Manager (Information Security Control Division)
Hong Kong
Bank of China (Hong Kong)
Roles and Responsibilities & Specific Requirements (Application Security):
- Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
- Assist to establish and review policies, guidelines, procedures in application security area
- Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
- Conduct regular assessment on application security
- Familiar with security testing tools e.g. Fortify, AppScan and Open Source Scanning tools, technologies on DevSecOps and industry good practice OWASP is preferable
General Job Requirements:
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 4 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
- Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
- Good command of written and spoken English with Mandarin is preferable and
- Good communication and interpersonal skills;
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: Application security Audits CISA CISSP Compliance Computer Science CRISC DevSecOps Open Source OWASP Risk management RMF Security assessment
Region:
Asia/Pacific
Country:
Hong Kong
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Manager jobsSystems Engineer jobsSystems Administrator jobsSenior Network Security Engineer jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsChief Information Security Officer jobsSecurity Specialist jobsSecurity Consultant jobsIT Security Analyst jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsCyber Threat Intelligence Analyst jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobsSecurity Operations Analyst jobsPrincipal Security Engineer jobs
Encryption jobsGDPR jobsSplunk jobsSaaS jobsTop Secret jobsBash jobsMalware jobsEDR jobsSQL jobsThreat detection jobsSDLC jobsRMF jobsIDS jobsForensics jobsFinance jobsIPS jobsTerraform jobsDocker jobsIntrusion detection jobsCompTIA jobsDoDD 8570 jobsITIL jobsActive Directory jobsCRISC jobsOWASP jobs
SOC 2 jobsGIAC jobsUNIX jobsAnsible jobsSAP jobsHIPAA jobsOSCP jobsSANS jobsClearance Required jobsTCP/IP jobsVPN jobsSOAR jobsIndustrial jobsBanking jobsCCSP jobsPolygraph jobsJira jobsJavaScript jobsMachine Learning jobsMITRE ATT&CK jobsSOX jobsDNS jobsVMware jobsNIST 800-53 jobsIT infrastructure jobs