A Career with Hang Seng Bank Hang Seng is committed to service excellence. Our people are our most important asset and play a vital role in our efforts to continually enhance our performance for customers and provide best-in-class products and services. We seek to attract high-calibre talent by offering...

A Career with Hang Seng Bank

Hang Seng is committed to service excellence. Our people are our most important asset and play a vital role in our efforts to continually enhance our performance for customers and provide best-in-class products and services. We seek to attract high-calibre talent by offering a dynamic working environment, good career development opportunities and competitive compensation packages.

Manager, Data Protection

Job level Middle
Work exp 3 Years To 15 Years or above
Education Bachelor Degree
Location Hong Kong
Employment type Full Time
Industry Banking
Job function Banking / Finance > Risk Management
Others > Security / Safety Control
Published On 23/11/2016

 Risk and Compliance – Security and Fraud Risk (Information Security Risk)

Hang Seng's Risk and Compliance ("RKM") strives to maintain a well-balanced risk profile for the Bank while enabling businesses to thrive. Our team actively manages a varied and dynamic range of risk types. We are dedicated to collaborate with businesses, other functional units and regulatory bodies to develop and implement robust and customized risk management frameworks and measures to maintain the strong market position of the Bank.  

Security and Fraud Risk protects our customers, staff and the Bank from security and fraud risk through deployment of a balanced mix of technology and personnel, provision of a safe environment and peace of mind to our customers and staff, and effective use of fraud intelligence, real time monitoring system and timely investigation services. 

We are currently seeking a high caliber professional to join our department as Manager, Data Protection. 

Principal responsibilities 

  • Oversee and ensure the compliance with the Personal Data (Privacy) Ordinance (PDPO) in the Bank
  • Plan and develop policies, standards and procedures on data privacy matters
  • Ensure Data Access Requests and Data Correction Requests are handled properly as required by law
  • Be the prime contact with Privacy Commissioner for Personal Data (PCPD) and coordinate / investigate the enquiries and complaint cases from the Office of the PCPD, regulators and other external parties
  • Support and implement the data privacy projects initiated from global / regional office
  • Review and provide input on breach of data privacy incidents
  • Provide expertise, guidance, consultancy and support to the Businesses/Functions to identify risk and control related to date privacy regulations
  • Conduct Second Line of Defense and compliance checks on application forms, T&Cs, and internal processes
  • Enhance staff’s awareness and knowledge of PDPO within the Bank  

Requirements 

  • University degree in Law or related discipline
  • Minimum 3 years of experience in compliance, data privacy or information security area
  • Knowledge in PDPO, guidance notes and other data privacy regulations
  • Hands-on experience in handling data privacy issues
  • Good knowledge in banking operations and technology related controls
  • Strong self-motivation, with good interpersonal and analytical skills
  • Proficiency in English and Chinese, fluency in Putonghua an advantage
  • Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes

 

To apply, please read carefully the ‘ Note on Collection of Personal Data and Information’ available in the careers page of our Hang Seng website: www.hangseng.com and send your resume via e-mail: recruit15@hangseng.com for our processing. You can also visit our website for further details about career opportunities with the Bank. Applicants who are not contacted within one month may consider their applications unsuccessful.

All information provided by applicants will be used only for recruitment purposes and will be used strictly in accordance with the Bank's personal data policies, a copy of which may be obtained by the applicant upon request. Unless otherwise instructed in writing by the applicant concerned, applicants may be considered for other suitable positions within the Bank and its related companies. The personal data of unsuccessful job applicants may be retained for a maximum of two years from the date when the job application is rejected and such data may be retained for a longer period if there is a subsisting reason that obliges the Bank to do so, after which the personal data will be destroyed.