Operational Risk Management (IT audit/cyber risk assurance) AVP

Operational Risk Management (IT Audit/cyber risk assurance) AVP/VP

Your new company
Leading regional insurance company

Your new role
  • Maintain the technology risk management framework by referring to the best practice of risk governance and management.
  • Responsible for execution of operational risk framework by reviewing the adequacy of the implemented controls.
  • Responsible for operational risk identification, response, monitoring and reporting.
  • Review the status of risk acceptance or mitigation and whether residual risk still persists.
  • Support and facilitate the CRAF assessment and iCAST exercise in accordance to the HKMA’s requirement with stakeholders.
  • Provide consultancy on the processes and controls in relation to operational and technology risks.
  • Review and provide comments for new products proposals in terms of risk management and controls.
  • Identify, investigate and advise businesses on existing and emerging risks.
  • Keep track of operational risk intelligence from regulatory initiated platform and industry alliances, and advise the corresponding preventive actions.
  • Provide consultancy and advice to business units in relation to operational risk management, in particular new business and IT initiatives.
  • Support business units to manage risk by designing and implementing risk management processes and frameworks.
  • Prepare the bank-wide awareness or education program to promote the cultures operational risk management in the Bank.

What you'll get in return
  • Degree holder preferably in Information Technology, Risk Management or relevant discipline.
  • 5 - 8 years of working experience in in audit, internal control, operational risk management, technology risk management or information security management.
  • Certified in CISSP, CISA, or CISM is a plus.
  • Professional qualification in ACCA / HKICPA / CPA or holder of ethical hacking certification (e.g. CEH) would be an added advantage.
  • Knowledge in developing and reviewing robust controls frameworks to support the operational resilience strategy.
  • Understand regulatory requirements and trends relating to operational resilience and risk controls in financial institutions

What you need to do now
If you’re interested in this role, click “apply now.” You may email Eddie Chow eddie.chow(at)hays.com.hk or call +852-2521-8884 for a private discussion #1224087


Job Type
Technology & Internet Services

Talk to a consultant

Talk to Eddie Chow, the specialist consultant managing this position, located in Hong Kong
6604-06,66/F, ICC, 1 Austin Road West, West Kowloon

Telephone: +85225218884