职位搜索

调整搜索范围

Senior / Technology Risk Manager (Cyber Security Control Division)

职位编号: 494307
聘用性质: 全职
部门: 资讯科技部
工作类别: 资讯科技, 风险管理

  1. Roles and Responsibilities & Specific Requirements (Application Security):
  • Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
  • Assist to establish and review policies, guidelines, procedures in application security area
  • Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
  • Conduct regular assessment on application security
  • Familiar with security testing tools e.g. Fortify, AppScan and Nessus, technologies on DevSecOps and industry good practice OWASP is preferable

 

  1. Roles and Responsibilities & Specific Requirements (Cyber Security):
  • Provide Cyber Security incident response operation and support.
  • Experience in OSINT, malware analysis and digital forensics.
  • Research and evaluate on latest security threats and Cyber Threat Intelligence.
  • Participate in Red & Purple Teaming exercises.
  • Familiar with technologies on Firewall, IDS, IPS, SIEM, SOAR  and Network/Cloud Infrastructure is preferable.

 

  1. Roles and Responsibilities & Specific Requirements (Platform Security):
  • Research and evaluate latest trend & technologies on information security and fintech area, such as FinTech, Artificial Intelligence, Big Data, Cloud Computing etc
  • Conduct regular assessment on data center security

 

General Job Requirements:

  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
  • Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
  • Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
  • Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
  • Good command of written and spoken English with Mandarin is preferable and
  • Good communication and interpersonal skills;

返回搜索结果 立即申请 介绍予朋友