Job ref no.: 498402
Bank of China (Hong Kong) Limited

Assistant / Deputy / Technology Risk Manager

Bank of China (Hong Kong) Limited

Job No.: 498402
Employment Type: Full time
Departments: Information Technology Department
Job Functions: Information Technology

Roles and Responsibilities:

  • Conduct daily Information and Cyber Security monitoring, incident analysis and investigation, incident response operation and support.
  • Participate in Information and Cyber Security projects for the Design, development and implementation.
  • Assist in planning of technology related risk management strategies, processes and work plans.
  • Familiar with technologies on IBM QRadar SIEM, IBM Guardium and with knowledge in Network and Cloud security is preferable.
  • Formulate and manage information security policies, standards and procedures.
  • Plan and conduct information security assessment and IT risk evaluation in area covering IT general controls, information asset management, access controls and endpoint security review. Support the implementation of security initiatives to ensure the compliance with corporate information security policies and compliance standards.
  • Act as a subject matter expert to assist business units and cross-functional teams in identifying and mitigating information security risks.
  • Communicate to business units and cross-functional teams regarding information security risk issues and/or control gaps, and recommends remediation initiatives.
  • Create and manage information security awareness training programs for all employees, contractors and approved system users.
  • Stay informed about latest developments in information security field.

Job Requirements:

  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline。
  • Over 5 years of experience in IT security, technology risk, risk management, system development management, compliance or IT audit function, gained from other sizable financial institutions.
  • Candidate with less experience will be considered as deputy technology risk manager
  • Fresh graduated candidate will also be considered as assistant technology risk manager
  • Demonstrated experience working with the regulators and external auditor.
  • Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CISM, CCSP, PMP is preferable.
  • Good command of written and spoken English and Mandarin is preferable.
  • Good communication and interpersonal skills.
  • Independent, strong self-initiative and with passion in information security and cyber security professional. 

We offer competitive remuneration package and comprehensive fringe benefits including medical and life insurance, and different types of allowances to the right candidate. Interested parties, please submit your application online. For details, please visit our website

To apply:

Data collected would be used for recruitment purposes only. It might also be disclosed to our subsidiaries or Associated Companies to process the information for appointment. Applicants who do not hear from us within 8 weeks may consider their application unsuccessful and their data will be destroyed within 12 months of receipt.

More job information
Job ref no. 498402
Job Function
Work Model
  • On-site / At the workplace
Employment Term
  • Full-time
  • 5 years - 10 years
Career Level
  • Middle management level
  • Degree