Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels. Job Description
- Align with the Group's direction and assist in formulating and implementing CISO and Technology Security strategies, policies and governance
- Responsible for evaluating, executing, monitoring and reporting for information security risk assessment activities
- Perform IT / cyber security risk assessments and report on ways to minimize threats and enhance the Bank's information security control methodology
- Track latest IT security innovations and keep abreast of latest cyber security technologies
- Provide preventive measures and practical recommendations to senior management regarding Cybersecurity risk / audit related event
- Evaluate, maintain and monitor the Bank's Technology to comply with the latest regulations and compliance requirements
- Champion and educate the organization about the latest information security strategies and technologies to raise the cyber security awareness
- Respond to enquiry in relation to cyber and information security from senior management and regulatory
- University Degree in Computer Science or related disciplines
- Minimum 5-8 years of solid experience in business engagement for Information Security, Risk or Control & Compliance, IT Analysis / Design, Program / Project Management
- Possess relevant profession qualification recognized by HKMA's Enhanced Competency Framework on Cybersecurity
- Solid understanding and experience in implementing risk management framework, such as NIST, COBIT, etc.
- Good presentation and analytical skill, in particular to senior management
- Work experience in HK Financial Industry is a plus
- Familiar with regulatory requirement on Technology Risk and Cybersecurity
- Experienced in performing security risk assessment and audits based on industry standards
- Experienced in web and mobile application development/penetration testing preferred
- Experienced with cloud security is highly preferred
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.
We regret only shortlisted candidates will be notified.