职位搜索

调整搜索范围

Technology Risk Manager (Information Security Control Division)

职位编号: 499438
聘用性质: 全职
部门: 资讯科技部
工作类别: 资讯科技

Roles and Responsibilities & Specific Requirements (Application Security):

  • Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
  • Assist to establish and review policies, guidelines, procedures in application security area
  • Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
  • Conduct regular assessment on application security
  • Familiar with security testing tools e.g. Fortify, AppScan and Open Source Scanning tools, technologies on DevSecOps and industry good practice OWASP is preferable

 

 

 

General Job Requirements:

  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
  • Over 4 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
  • Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
  • Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
  • Good command of written and spoken English with Mandarin is preferable and
  • Good communication and interpersonal skills;

返回搜索结果 立即申请 介绍予朋友