To identify, develop, maintain and enhance the system security operation procedures, controls, methodologies, and technologies with the up-to-date industrial standard, ensure they cope with policy and standard established by the Group and the regulators;
To perform system and data access security related duties, such as identity & access management, monitor unauthorized account usage and system / data access, regular review and approve all system, including databases, accesses of both Head Office and local EUC systems, to prevent and rectify unauthorized system access, and data usage;
To make application/ call memo/ instruction sheet and all the necessary reports/ documents;
To cooperate with stakeholders to conduct the IT security / risk assessments and projects.
To identify potential threats of and report on security violations by determining causes, possible solutions and remedial actions required for ensuring data security;
To recommend and implement changes and improvements to procedures and system designs to enhance systems security with proper documentations;
To develop and conduct IT security awareness training program, and educate the IT security best practices to all units within the Bank;
To perform the software requesting process, which include new software onboarding control and risk assessment, software inventory and license controls, software usage approval, and software reviewing process;
To develop consultative support to business and operations units about specialized security hardware and software products;
What you'll need to succeed
Higher Diploma or Associate Degree in computer science or IT or related discipline;
Minimum 5 years' related experience in IT security in financial industry;
Passion for cybersecurity and staying up-to-date with current threats, tools and techniques.
Practical experience of technical and security configuration, operation and administration in Windows OS, Active Directory, Domain Group Policy, Networking, security devices (firewall, NAS, etc.) are essential.
Knowledge in Linux OS, application development support, Microsoft Office Macro, Databases (MSSQL, Oracle, etc), and work-flow process automation and digitalization would be an advantage.
Possess CISSP, CSX, CISA, CISM or other information systems security certifications.
Ability to communicate about various IT security measures with non-technical audience.
Outstanding organizational, analytical, and troubleshooting skills.
Demonstrated ability to prioritize and meet scheduled deliverables and commitments while managing multiple tasks.
Proficiency in English and Cantonese.
What you need to do now
If you’re interested in this role, click “apply now.” You may email Eddie Chow eddie.chow(at)hays.com.hk or call +852-2521-8884 for a private discussion #1224278
Banking & Financial Services
Talk to a consultant
Talk to Eddie Chow, the specialist consultant managing this position, located in Hong Kong
6604-06,66/F, ICC, 1 Austin Road West, West Kowloon