top of page

IT Security & Risk Associate - Leading Financial Institution

IT Security & Risk

29 March 2023

Hong Kong

Our client, a leading financial institution with massive real-time high-frequency transactions, is looking for an IT Security & Risk Associate to join their IT Security & Risk Governance Team. The selected candidate will be a key person in supporting their Security and Risk Management.


Responsibilities:


  • Manage the IT Security & Risk and Control Framework across the IT Organization.

  • Define IT Security & Risk standards and Control in response to the changing technology landscape and regulatory requirements.

  • Ensure the IT policy, processes, and procedures are well established and awarded across the organization.

  • Manage IT Security & Risk incidents including identifying the root cause, control options, recommendations, and resolutions.

  • Communicate with regulators, and auditors including compliance assessment, security audits, etc.

  • Review IT outsourcing providers and perform regular security assessments on IT outsourcing services.

  • Manage IT Audits and ensure risk-impacting issues are addressed before the initiation of the audit.


Requirements:


  • Around 8 - 10 years of experience in IT Security and Risk area ideally in a 1.5 Line of Defense.

  • Experience with IT Security and risk management in a large-scale financial institution.

  • Experience in technology risk & control including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, governance and metrics, incident management etc

  • Solid understanding of internal control concepts with the ability to evaluate and determine the adequacy of controls by considering business and technology risks.

  • Familiar with industry risk frameworks including ISO27001, NIST, PCI.

  • Excellent communication skills in English.

  • Certificates in CGEIT, CRISC, CISA, and/or CISSP are a great plus.

  • Good knowledge of NIST Cybersecurity Framework, ITIL, CMMI, ITSM, COBIT, and PMBOK.

  • Bachelor's Degree in Computer Science, IT, or related discipline.


bottom of page