October 22, 2016 (Saturday)
Time: 10:00am to 5:00pm
Venue:29/F, Bank of China Centre, Olympian City, 11 Hoi Fai Road
Technology Risk Management - Manager / Senior Manager
- Provide advisory and recommendation from risk perspective.
- Assist to define security architecture for the organization infrastructure and application.
- Research and evaluate on latest security threats and technology solutions, such as Cloud, Big Data, Social Networking and Mobility.
- Assist to establish and implement the assessment on outsourcing/third party security control.
- Assist to establish and maintain security standards and guidelines with focus on application and network security.
- Assist in establishing security baseline for key IT processes.
- Plan, coordinate and drive IT security program to enhance secure posture assessment for critical information systems.
- Proactively work with vendors to understand the up-to-date related technology for the possible Company implementation feasibility.
- Assist to establish review processes on information security operation.
- Work with the IT operation partners to monitor any system and network security threat and to apply quick remediation action.
- Assist to build and manage computer security incident response program.
- Assist to manage compliance measurement of security patch compliance for corporate infrastructure.
- Assist to manage independent penetration test for the corporate infrastructure.
- Assist in reviewing IT initiatives from technology risk perspectives.
- Report findings on security inefficiencies and provide recommendation for improvement.
- Assist in planning of technology related risk management strategies, processes and work plans.
- Assist to establish security dashboard with key risk indicators
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) or Certified Internal Auditors (CIA) preferable.
- Sound knowledge of network security or platform security.
- Good command of written and spoken English with Mandarin is preferable.
- Good communication and interpersonal skills; and
- Independent and strong self-initiative.
- Candidates with more relevant experience may be considered for senior levels