Technology Risk Management Head, Risk Management

Job Responsibilities

• Manage and lead the section to enforce technology risk management processes and to support the effective design and implementation of IT related security control activities
• Develop and maintain the technology risk and IT security related policies, monitor consistent implementation by relevant departments, perform advisory role to enhance the IT controls on continuing basis in order to ensure the technology risk management quality is sustained and any IT incident is timely escalated to senior management and regulator
• Plan and implement on-going measures to ensure all staff awareness, understanding, and compliance with the Bank’s IT control policies
• Formulate a formal technology risk acknowledgement and acceptance process for reviewing, evaluating and approving any major IT incidents, supervise on the formulation of remedial actions, as well as follow-up the completion of risk mitigation / prevention plans
• Develop effective control and management framework, including but not limited to set-up of relevant Key Risk Indicator (KRI) for technology risks to proactively identify key risk points, assess the control effectiveness and determine what remedial or additional control measures are required
   

Job Requirements

• Bachelor Degree or above with major in Finance / Financial Engineering / Risk Management / Quantitative Finance is preferred
• Holder of CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor) is preferred 
• Minimum 5 years experience in Banking industry, of which 3 years or more in IT security / control area
• Excellent presentation, communication and negotiation skills
• Proficient in spoken and written English & Chinese (including Putonghua)