Responsibilities:

• Work as a team to execute Global/Regional Information Security Policies, Standards, Processes & Procedure and liaise with HQ on IT security incident
• Execute IT security assessments (system, business partner, infrastructure, regulatory, other) in line with the bank’s security baselines and relevant technology and cyber regulatory requirements.
• Assess the residual risk and identify remedial actions.
• Execute Business-Continuity Management by actively reviewing the bank’s IT resilience and ensure IT security & IT Disaster Recovery are up to standard
• Ensure adherence to global industry standards (NIST, ISO) by participating in the group maturity assessment exercise
• Keep abreast with HKMA regulatory changes to banking technology areas and implement relevant measures & projects to ensure IT compliance & securities are up to standard
• Coordinate and facilitate system penetration test.
• Support the security monitoring on routine basis by covering Data Leakage Prevention (DLP) controls
• Work with various stakeholder to Validate Operational processes from an IT Security perspective (e.g. Firewall rule change reviews, Production data extraction requests, Robotic automation, etc.)
• Actively participate in cybersecurity projects, rectifications, enhancements
• Supervising IT changes and represent security functions in change board
• Monitor and provide regular reporting on security risk and compliance (e.g. IT KRI/KPI, IT Risk Dashboard, Global COO In Control Meeting, Asia quarterly in control, etc.).
• Monitor and follow up on open findings under Asia COO domain to ensure closure within the timeline.
• Work as a team to promote security, cyber and business continuity awareness within the office

Requirements:

• Degree or above
• 8 years + Banking IT Security & IT Risk Management experience
• Solid experience in Business Continuity Management
• Holder of related IT professional certification such as CISSP, CISA, CISM, CRISC, etc
• Strong understand on banking business and relevant adaption of technologies
• Understanding of industry standards such as NIST, ISO 27001, etc
• Strong understanding of requirements from Asian regulators such as MAS, HKMA, CBIRC/PBOC and RBI.
• Knowledge of Microsoft 365 platform & Microsoft Power Platform (Power BI, Power Apps, Power Automate)
• Prior experience in use of SharePoint would be an advantage

To apply online please send your profile to Alex Cheung by clicking Apply Now . For a confidential discussion about this role & other banking openings please contact Alex CHEUNG at +852 2121 1418

All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.