Technology Risk Manager (Information Security Control Division)
Hong Kong
Bank of China (Hong Kong)
Roles and Responsibilities & Specific Requirements (Application Security):
- Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
- Assist to establish and review policies, guidelines, procedures in application security area
- Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
- Conduct regular assessment on application security
- Familiar with security testing tools e.g. Fortify, AppScan and Open Source Scanning tools, technologies on DevSecOps and industry good practice OWASP is preferable
General Job Requirements:
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 4 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
- Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
- Good command of written and spoken English with Mandarin is preferable and
- Good communication and interpersonal skills;
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: Application security Audits CISA CISSP Compliance Computer Science CRISC DevSecOps Open Source OWASP Risk management RMF Security assessment
Region:
Asia/Pacific
Country:
Hong Kong
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Cloud Security Engineer jobsSenior Security Analyst jobsInformation System Security Officer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSecurity Specialist jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsSystems Engineer jobsIT Security Analyst jobsSystems Administrator jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Product Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
Forensics jobsCI/CD jobsKubernetes jobsEncryption jobsSDLC jobsIDS jobsSaaS jobsSplunk jobsEDR jobsIPS jobsBash jobsOWASP jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsCompTIA jobsThreat detection jobsFinance jobsITIL jobsDocker jobsDoDD 8570 jobsCRISC jobsActive Directory jobsVPN jobs
OSCP jobsGIAC jobsBanking jobsTCP/IP jobsUNIX jobsHIPAA jobsTerraform jobsSANS jobsClearance Required jobsSOX jobsIT infrastructure jobsMITRE ATT&CK jobsSOC 2 jobsCISO jobsIndustrial jobsJavaScript jobsDNS jobsCCSP jobsData Analytics jobsJira jobsPolygraph jobsAnsible jobsSOAR jobsSecurity strategy jobsCyber defense jobs