This job is expired.


Technology Risk Management Professional

Hong Kong, Hong Kong
Last update 2024-05-27
Expires 2024-05-26
ID #2120993030
Technology Risk Management Professional
Hong Kong, Hong Kong,
Modified April 17, 2024


Main Responsibilities Manage Technology Risk Management processes to identify emerging or existing technology-related risks, measure impact, likelihood and direction of technology-related risks.

Establish and review technology risk management policy, mechanism and tools of the Bank with reference to Head Office and regulatory requirements.

Monitor first line of defense in applying technology risk management tools in identifying, assessing, monitoring and controlling technology risk, and provide appropriate opinion and guidance on necessary mitigation measures and remediation.

Closely monitor any technology-related issues or incidents and control the risks through preventive, compensating and contingency measures.

Assess the adequacy and effectiveness of the controls from technology risk perspectives during due diligence of new products/ service propositions and incident handling, provide advisory and recommendation on new technology solution of IT initiatives.

Coordinate technology risk related regulatory examinations and communication, conduct reviews to identify possible risks and provide recommendations to address the control weakness, and monitor the implementation progress of the remedial action(s).

Oversight and challenge the IT security functions to ensure strict adherence to the corporate standards and regulatory requirements, and conduct regular technology risk profile review.

Prepare regular management reports on technology risk profile of the bank.

Requirements Bachelor Degree holder or above with major in Information Technology or related disciplines With 8 years or above banking experience and within which at least 6 year experience or above in IT security, technology risk or IT audit field of banking / financial industry Strong understanding of Technology Risk Management and functions of Second Line of Defense, broad knowledge of regulatory requirements, technology risk relevant controls and information security best practices.

Customer-oriented with strong leadership, communication, interpersonal and negotiation skills.

Holder of CISSP / CISA / CISM / CRISC certification is preferred.

Be able to work independently and under pressure.

Be a good team player.

Attention to details, good analytical and interpersonal skills.

Good communication skill (including in Cantonese, Mandarin, English).

Proficiency in preparing presentation materials and reports in Chinese will be an advantage.

Appropriate candidate with less experience could be considered as VP level.

Applicants who are not contacted within 8 weeks may consider their applications unsuccessful and their personal data will be retained by the bank for a period up to two years.

All information provided by applicants will be used for recruitment purposes only and will be used strictly in accordance with the bank's personal data policies, a copy of which will be provided upon request.

Job details:

Job type: Full time
Contract type: Permanent
Salary type: Monthly
Occupation: Technology risk management professional

⇐ Previous job

Next job ⇒     


Contact employer

    Quick search:


    Type city or region