Technology Risk Manager (Information Security Control Division)
Hong Kong
Bank of China (Hong Kong)
Roles and Responsibilities & Specific Requirements (Application Security):
- Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
- Assist to establish and review policies, guidelines, procedures in application security area
- Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
- Conduct regular assessment on application security
- Familiar with security testing tools e.g. Fortify, AppScan and Open Source Scanning tools, technologies on DevSecOps and industry good practice OWASP is preferable
General Job Requirements:
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 4 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
- Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
- Good command of written and spoken English with Mandarin is preferable and
- Good communication and interpersonal skills;
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: Application security Audits CISA CISSP Compliance Computer Science CRISC DevSecOps Open Source OWASP Risk management RMF Security assessment
Region:
Asia/Pacific
Country:
Hong Kong
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Officer jobsSenior Cybersecurity Engineer jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsInformation Security Specialist jobsCyber Security Specialist jobsSecurity Consultant jobsSenior Network Security Engineer jobsIT Security Engineer jobsSystems Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsIT Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Administrator jobsSenior Penetration Tester jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobsInformation Systems Security Engineer jobsSecurity Operations Analyst jobsCloud Security Architect jobs
Encryption jobsForensics jobsJava jobsTop Secret jobsEDR jobsRMF jobsSaaS jobsGDPR jobsIDS jobsSplunk jobsDoDD 8570 jobsIPS jobsSQL jobsSDLC jobsIntrusion detection jobsBash jobsActive Directory jobsThreat detection jobsCompTIA jobsITIL jobsDocker jobsGIAC jobsFinance jobsCRISC jobsOWASP jobs
SANS jobsUNIX jobsIndustrial jobsTerraform jobsTCP/IP jobsClearance Required jobsHIPAA jobsJavaScript jobsOSCP jobsIT infrastructure jobsCCSP jobsBanking jobsSOC 2 jobsVPN jobsDNS jobsCISO jobsPolygraph jobsData Analytics jobsSOX jobsSAP jobsNIST 800-53 jobsJira jobsGCIH jobsMITRE ATT&CK jobsGSEC jobs