China Construction Bank (Asia) Corporation Limited

Information Security Risk Manager (Candidate with Big4 technology-risk experience is preferred)

China Construction Bank (Asia) Corporation Limited

Main Responsibilities

  • Implement systems security polices, perform IT security administration, control, review, and support regular security profile review
  • Manage the technology risk management processes to identify emerging or existing technology-related risks including but not limited to measure the impact, likelihood and direction of technology-related risks, regularly monitor any technology-related issues or incidents and control the risks through preventive, compensating and contingency measures
  • Establish and enforces standard of process related to Technology Risk Management
  • Manage the IT security function to ensure strict adherence to the corporate security control requirements, establishes corporate security policies / standards / baselines and departmental procedures, oversee security administration and control, and conducts regular security profile review
  • Manage and monitor project progress to ensure consistency and uniformity from Information Security Risk perspective
  • Manage cyber security risk and perform investigation of any technology-related frauds and incidents
  • Support internal / external / regulatory audit review and conduct service provider review
  • Ensure awareness of and compliance with IT control policies, corporate standards and regulatory requirements
  • Review security matrix e.g. toxic combination and configuration review
  • On-call standby support is required during non-office hours


  • Degree holder in Information Technology or related discipline
  • Minimum 5 years of relevant experience in Technology Risk or Information Security Risk domain, preferably gained from banking / finance industry
  • Experience in technology risk management and IT compliance is an advantage
  • Strong understanding of Information Technology Risk Management
  • Sound knowledge of database, operating systems and information security practices
  • Customer-oriented, good communication and interpersonal skills
  • Holder of ECF-C recognized certification at professional level is required
  • Able to work under pressure and willing to work overtime
  • Strong problem-solving skill and analytical mind set
  • Good command of written and spoken English and Mandarin

To apply, please send the detailed resume By email: [via CTgoodjobs Apply Now ]


Applicants who are not contacted within 8 weeks may consider their applications unsuccessful and their personal data will be retained by the bank for a period up to two years.

All information provided by applicants will be used for recruitment purposes only and will be used strictly in accordance with the bank’s personal data policies, a copy of which will be provided upon request.

More job information
  • 5-day week
  • Discretionary bonus
  • Insurance plan
  • Medical plan
Job Function
Work Model
  • On-site / At the workplace
Employment Term
  • Full-time
  • 5 years - 10 years
Career Level
  • Middle management level
  • Degree