Provide advisory and recommendation from risk perspective.
Assist to define security architecture for the organization infrastructure and application.
Research and evaluate on latest security threats and technology solutions, such as Cloud, Big Data, Social Networking and Mobility.
Assist to establish and implement the assessment on outsourcing/third party security control.
Assist to establish and maintain security standards and guidelines with focus on application and network security.
Assist in establishing security baseline for key IT processes.
Plan, coordinate and drive IT security program to enhance secure posture assessment for critical information systems.
Proactively work with vendors to understand the up-to-date related technology for the possible Company implementation feasibility.
Assist to establish review processes on information security operation.
Work with the IT operation partners to monitor any system and network security threat and to apply quick remediation action.
Assist to build and manage computer security incident response program.
Assist to manage compliance measurement of security patch compliance for corporate infrastructure.
Assist to manage independent penetration test for the corporate infrastructure.
Assist in reviewing IT initiatives from technology risk perspectives.
Report findings on security inefficiencies and provide recommendation for improvement.
Assist in planning of technology related risk management strategies, processes and work plans.
Assist to establish security dashboard with key risk indicators
Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) or Certified Internal Auditors (CIA) preferable.
Sound knowledge of network security or platform security.
Good command of written and spoken English with Mandarin is preferable.
Good communication and interpersonal skills; and
Independent and strong self-initiative.
We offer competitive remuneration package and comprehensive fringe benefits including medical and life insurance, and different types of allowances to the right candidates. Interested parties, please email your application to email@example.com. For details, please visit our website http://www.bochk.com
Data collected would be used for recruitment purposes only. Applicants who do not hear from us within 8 weeks may consider their application unsuccessful and their data will be destroyed within 24 months of receipt.