Senior Technology Risk Manager (Affiliated and Overseas Entities)

Roles and Responsiblities - Responsible for the planning, management and daily operation of technology risk management

• Responsible for communicating and cooperating with internal working units to solve any issues related to information security/technology risk management of overseas branches and affiliated organization.
• Conduct regular IT risk and compliance assessment in overseas branches and coordinate overseas branch to perform technology risk self-assessment.
• Collect key risk indicator information from overseas branches and perform analysis.
• Responsible for supervising overseas branch and affiliated organization on those issues arising from any independent assessment from regulatory inspections, external or internal audit, or other third parties and tracking their remediation activities
• Influence and drive oversea branches and affiliated organization on technology risk management initiatives in alignment with group policies and standards
• Proactively communicate with overseas branches and affiliated organization to understand update-to-date local regulatory requirement.
• Keep abreast with latest threats, vulnerabilities, mitigation and industry best practices

• Conduct technology risk and information security awareness training to staffs and technology risk managers in oversea branches

  Job Requirements - Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.

• Over 6 years of experience in IT security, technology risk, risk management, system development management, compliance or IT audit function, gained from other sizable financial institutions. Candidate with less experience will be considered as Analyst
• Demonstrated experience working with the regulators in the region, articulate in local regulations and laws pertaining to IT Risk would be an advantage
• Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) , Certified in Risk and Information Systems Control (CRISC) , Certified Internal Auditors (CIA) is preferable.
• Good command of written and spoken English with Mandarin is preferable.
• Flexibility in traveling
• Independent and strong self-initiative.

If you are applying for in-scope position(s) under the Mandatory Reference Checking Scheme (i.e., A role carrying out regulated activities licensed by the IA, SFC & MPFA), you are required to undergo the Mandatory Reference Checking. Our responsible recruiter will inform you the details of the MRC process and the requirements in due course. For details, please click here .