top of page

Tech Risk (2LOD) Manager - Enterprise Security Hub

IT Security & Risk

13 June 2023

Hong Kong

My client, a leading enterprise with one of the largest sophisticated technology setups, is looking for a Technology Risk Manager to manage their second-level line of defense. You will be working with some of the best people in the field to manage a large technology transformation across technology risk and governance.


  • Manage Information Security and Risk Management including technology governance, BCP, regulatory and internal requirements.

  • Work with different technology stakeholders to facilitate internal/external audits.

  • Resolve negative audit findings reported by the security audit team and track the remediation progress.

  • Enhance audit process and proficiency by implementing audit standards, methodologies, and techniques

  • Identify potential risks, forecast trends, and uncover insight through various Data Engineering and Analytics.

  • Identify and capture risks and exceptions and subsequently monitor, track, and manage them

  • Assist to process regular assessment and penetration testing on different applications


  • Around 6 - 8 years of experience in technology risk management or relevant IT control, and audit functions in the financial industry.

  • Familiar with technology risk management and regulatory requirements.

  • Previous IT Security & Risk control or audit experience will be an advantage.

  • Exposure to security and technology knowledge including DevSecOps and cloud infrastructure.

  • Project Management experience in leading large-scale IT Security & Risk Control or Audit projects.

  • Knowledge of ISMS, ISO27001, and OWASP IT Security Frameworks.

  • CISA, CISM, or/and CISSP certification is preferred.

  • Excellent communication skills in English.

  • Degree from a Reputable University.

bottom of page