職位搜索

調整搜索範圍

Senior / Technology Risk Manager (Cyber Security Control Division)

職位編號: 494307
聘用性質: 全職
部門: 資訊科技部
工作類別: 資訊科技, 風險管理

  1. Roles and Responsibilities & Specific Requirements (Application Security):
  • Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
  • Assist to establish and review policies, guidelines, procedures in application security area
  • Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
  • Conduct regular assessment on application security
  • Familiar with security testing tools e.g. Fortify, AppScan and Nessus, technologies on DevSecOps and industry good practice OWASP is preferable

 

  1. Roles and Responsibilities & Specific Requirements (Cyber Security):
  • Provide Cyber Security incident response operation and support.
  • Experience in OSINT, malware analysis and digital forensics.
  • Research and evaluate on latest security threats and Cyber Threat Intelligence.
  • Participate in Red & Purple Teaming exercises.
  • Familiar with technologies on Firewall, IDS, IPS, SIEM, SOAR  and Network/Cloud Infrastructure is preferable.

 

  1. Roles and Responsibilities & Specific Requirements (Platform Security):
  • Research and evaluate latest trend & technologies on information security and fintech area, such as FinTech, Artificial Intelligence, Big Data, Cloud Computing etc
  • Conduct regular assessment on data center security

 

General Job Requirements:

  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
  • Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
  • Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
  • Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
  • Good command of written and spoken English with Mandarin is preferable and
  • Good communication and interpersonal skills;

返回搜索結果 立即申請 介紹予朋友