工作描述
16 天前
Roles and Responsibilities:
• Conduct daily Information and Cyber Security monitoring, incident analysis and investigation, incident response operation and support.
• Participate in Information and Cyber Security projects for the Design, development and implementation.
• Assist in planning of technology related risk management strategies, processes and work plans.
• Formulate and manage information security policies, standards and procedures.
• Plan and conduct information security assessment and IT risk evaluation in area covering IT general controls, information asset management, access controls and endpoint security review. Support the implementation of security initiatives to ensure the compliance with corporate information security policies and compliance standards.
• Act as a subject matter expert to assist business units and cross-functional teams in identifying and mitigating information security risks.
• Communicate to business units and cross-functional teams regarding information security risk issues and/or control gaps, and recommends remediation initiatives.
• Create and manage information security awareness training programs for all employees, contractors and approved system users.
• Stay informed about latest developments in information security field.
• May need to travel to Shen Zhen and Shang Hai occasionally.
Job Requirements:
• Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline。
• 5 years of experience in IT security, technology risk, risk management, system development, system management, compliance or IT audit function, gained from other sizable financial institutions. Candidate with less experience will also be considered with the role of Deputy Technology Risk Manager.
• Demonstrated experience working with the regulators and external auditor.
• Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CISM, CCSP, PMP is preferable.
• Good command of written and spoken English and Mandarin is preferable.
• Good communication and interpersonal skills.
• Independent, strong self-initiative and with passion in information security and cyber security professional.
• With knowledge in IBM QRadar SIEM, IBM Guardium , Database management, Python AI application, Network and Cloud security is preferable.
• Conduct daily Information and Cyber Security monitoring, incident analysis and investigation, incident response operation and support.
• Participate in Information and Cyber Security projects for the Design, development and implementation.
• Assist in planning of technology related risk management strategies, processes and work plans.
• Formulate and manage information security policies, standards and procedures.
• Plan and conduct information security assessment and IT risk evaluation in area covering IT general controls, information asset management, access controls and endpoint security review. Support the implementation of security initiatives to ensure the compliance with corporate information security policies and compliance standards.
• Act as a subject matter expert to assist business units and cross-functional teams in identifying and mitigating information security risks.
• Communicate to business units and cross-functional teams regarding information security risk issues and/or control gaps, and recommends remediation initiatives.
• Create and manage information security awareness training programs for all employees, contractors and approved system users.
• Stay informed about latest developments in information security field.
• May need to travel to Shen Zhen and Shang Hai occasionally.
Job Requirements:
• Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline。
• 5 years of experience in IT security, technology risk, risk management, system development, system management, compliance or IT audit function, gained from other sizable financial institutions. Candidate with less experience will also be considered with the role of Deputy Technology Risk Manager.
• Demonstrated experience working with the regulators and external auditor.
• Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CISM, CCSP, PMP is preferable.
• Good command of written and spoken English and Mandarin is preferable.
• Good communication and interpersonal skills.
• Independent, strong self-initiative and with passion in information security and cyber security professional.
• With knowledge in IBM QRadar SIEM, IBM Guardium , Database management, Python AI application, Network and Cloud security is preferable.
Operation Manager / Customer Due Diligence Manager (CDD Division)
Bank of China (Hong Kong) Limited
商业管理
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Business Analyst (Core Banking)
Bank of China (Hong Kong) Limited
商业管理
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Business Analyst – Workflow/Process Management
Bank of China (Hong Kong) Limited
商业管理
中西区, 香港
7 天前
合约
办公室工作
技术、信息和媒体
Senior / IT Project Manager (SAE)
Bank of China (Hong Kong) Limited
产品/项目经理
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Corporate Services Manager (Project Management)
Bank of China (Hong Kong) Limited
产品/项目经理
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Fixed income Sales Manager/Assistant (Hong Kong Branch)
Bank of China (Hong Kong) Limited
销售和客户管理
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
更多类似工作
Technology Risk Manager (Cyber Security Control Division) | Hong Kong, HK
Bank of China (Hong Kong) Limited
中西区, 香港
Senior / Technology Risk Manager (Cyber Security Control Division)
Bank of China (Hong Kong) Limited
中西区, 香港
Senior / Technology Risk Manager (Cyber Security Control Division)
Bank of China (Hong Kong) Limited
中西区, 香港
🎉 Got an interview?