Share this
We are seeking an experienced professional to lead and manage our client's Information and Technology Risk Management function. The successful candidate will be responsible for developing, implementing and maintaining comprehensive technology risk policies and frameworks that align with regulatory requirements and industry best practices. This is an excellent opportunity for a results-driven individual with strong leadership and communication skills to play a key role in strengthening our organisation’s cybersecurity and IT risk landscape.
Job Responsibilities- Develop and maintain technology risk management policies, standards and guidelines.
- Collaborate with internal stakeholders and external vendors to comply with all regulatory requirements related to technology risk and cybersecurity.
- Conduct technology risk assessments across projects and products, offering actionable advice for mitigation and control.
- Identify, assess, mitigate, monitor and report on technology risks and issues effectively.
- Engage with different business and technical stakeholders to define and execute appropriate mitigation measures.
- Coordinate with IT, Business, Compliance and Regulators, especially in the event of critical IT incidents.
- Support periodic reviews of technology risk areas including IT Outsourcing, third-party risk management, disaster recovery, business continuity planning and IT operational controls.
- Provide expert insights into banking application security, including latest cybersecurity trends, artificial intelligence, digital assets, and e-banking security measures.
- Bachelor's degree or above in technology, business, or a related discipline with relevant professional qualifications.
- Minimum of 5 years' experience in Cybersecurity, IT Risk, IT Compliance, IT Audit or similar roles, preferably in the Financial Services industry.
- Sound knowledge of regulatory and compliance frameworks such as HKMA SPM, HKMA Circulars, and data protection regulations.
- Familiarity with technology risk frameworks, industry standards and best practices.
- Hands-on experience in vulnerability scanning, penetration testing, code scanning, and technology risk assessments.
- Experience in Big 4 or professional services firms will be regarded as an advantage.
- Proficient in written and spoken English, Chinese, and Putonghua.
- Candidates with more extensive experience may be considered for a Senior Manager position within Information and Technology Risk Management.
Share this
