Job ref no.: 498212
Bank of China (Hong Kong) Limited

Senior Business Compliance Manager ( Business Risk and Control – Tech Risk)

Bank of China (Hong Kong) Limited

Job No.: 498212
Employment Type: Full time
Departments: Personal Banking Risk And Integrated Management Department
Job Functions: Risk Management, Compliance, FinTech


  • Assist in reviewing IT initiatives from technology risk perspective for retail banking products and services.
  • Identify technology risk and information security risk for digital products and services, recommend appropriate risk mitigation measures in business-intelligible language.
  • Research and evaluate latest trend and technologies on information security and regtech area.
  • Lead the Regtech projects and interpret data through various computational tools
  • Prepare regular management reporting


  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
  • Over 7 years of experience in IT security, technology risk, risk management, compliance or IT audit function.
  • Familiar with HKMA TM-E, PCI-DSS and other security risk management framework
  • Holding CISA or other recognized professional qualification of is an advantage
  • Excellent interpersonal and communications skills with good command of English and Chinese in both spoken and written
  • A good team player with strong analytical skills, numerical reasoning and trouble shooting skills, able to work under pressure

We offer competitive remuneration package and comprehensive fringe benefits including medical and life insurance, and different types of allowances to the right candidate. Interested parties, please submit your application online. For details, please visit our website

To apply:

Data collected would be used for recruitment purposes only. It might also be disclosed to our subsidiaries or Associated Companies to process the information for appointment. Applicants who do not hear from us within 8 weeks may consider their application unsuccessful and their data will be destroyed within 12 months of receipt.