Technology Risk Management Officer / Manager
Roles and Responsibilities:
- Provide advisory and recommendation from risk perspective.
- Provide Cyber Security incident response operation and support.
- Research and evaluate on latest security threats and Cyber Security Intelligence.
- Assist to establish infrastructure review processes on network and infrastructure operation.
- Participate in Cyber Security projects for the Design, development and implementation.
- Participate in Red Teaming Penetration test.
- Assist to manage independent penetration test for the corporate infrastructure.
- Assist in reviewing IT initiatives from technology risk perspectives.
- Assist in planning of technology related risk management strategies, processes and work plans.
- Familiar with technologies on Firewall, IDS, IPS, SIEM , DevSecOps and Network/Cloud Infrastructure is preferable .
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) , Certified in Risk and Information Systems Control (CRISC) , Certified Internal Auditors (CIA), Offensive Security Certified Professional(OSCP), GIAC Penetration Tester (GPEN) or other cyber security related certification (e.g. issued by CREST) preferable.
- Sound knowledge of network security or platform security.
- Good command of written and spoken English with Mandarin is preferable.
- Good communication and interpersonal skills; and
- Independent and strong self-initiative.
- Candidate with less experience will be considered