Manager - Technology Risk (up to 55k)

Implement cybersecurity control mechanisms, carry out risk gap analysis and maintain security devices.

Your new company
My client is a Hong Kong based Banking and Financial company.

Your new role

  • Design, develop and maintain Information Security Policies, Standards and Guidelines
  • Provide technical guidance to application development and infrastructure teams regarding security designs and configurations
  • Assist in communicating risk management standards, policies and procedures to relevant stakeholders
  • Conduct regular security assessments of internal systems, networks and infrastructure
  • Facilitate risk management committee meetings to enhance risk governance and oversight
  • Design and apply operational control process to ensure IT operational and control risks are within acceptable risk appetite
  • Design and monitor Key Risk Indicators. Proficiency in risk reporting to facilitate effective management oversight on technology risk and cybersecurity matters
  • Play a governance role on IT outsourcing. Perform regular security assessments of 3rd party IT service providers
  • Participate in developing, tuning and implementing threat detection analytics
  • Act as focal point to support internal, external and regulatory audits
  • Prepare and conduct security awareness training for internal IT and non-IT users

What you'll need to succeed
  • Minimum 5 years of relevant work experience in technology risk, information security and cybersecurity
  • University graduate in Computer Science / Information Technology or equivalent
  • Possess one or more professional certificates listed below:
      • ISC2 Certified Information Security Professional (CISSP)
      • ISACA Certified Information System Auditor (CISA)
      • ISACA Certified Information Security Manager (CISM)
      • ISC2 Certified Cloud Security Professional (CCSP)
  • Solid experience in vulnerability management, penetration testing and technology risk assessment
  • Sound knowledge of Public Key Infrastructure (PKI), Internet vulnerabilities, cybersecurity, firewalls, Intrusion Detection/Prevention Systems and application security of finance/banking systems
  • Sound experience in performing vulnerability scanning, penetration testing and technology risk assessment
  • Solid experience with regulators’ requirements on technology risk management, including the Supervisory Policy Manuals of HKMA, Cyber Resilience Assessment Framework (CRAF), Personal Data Privacy Ordinance, PCI Data Security Standard, SFC guidelines and Customer Security Controls Framework of SWIFT
  • Banking experience is an advantage
  • Strong communication skills, both in Chinese and English
  • Mature, independent and able to deliver quality results under tight schedules
  • Good communication and interpersonal skills

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or send your CV to

If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. #1206098


Job Type
Technology & Internet Services

Talk to a consultant

Talk to Kenneth Ling, the specialist consultant managing this position, located in Hong Kong
6604-06,66/F, ICC, 1 Austin Road West, West Kowloon

Telephone: +85222307929