Technology Risk Manager (Information Security Control Division)
职位编号: 499438
聘用性质: 全职
部门: 资讯科技部
工作类别: 资讯科技
Roles and Responsibilities & Specific Requirements (Application Security):
- Assist in reviewing IT initiatives and provide advisory from technology risk perspectives
- Assist to establish and review policies, guidelines, procedures in application security area
- Provide advisory and practical guidance to support technology risk and information security assessments, include vulnerability scanning, penetration test etc.
- Conduct regular assessment on application security
- Familiar with security testing tools e.g. Fortify, AppScan and Open Source Scanning tools, technologies on DevSecOps and industry good practice OWASP is preferable
General Job Requirements:
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 4 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
- Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC is preferable.
- Familiar with HKMA TM-E-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
- Good command of written and spoken English with Mandarin is preferable and
- Good communication and interpersonal skills;
返回搜索结果 立即申请 介绍予朋友