Job ref no.: 494307 (CT3118372-01#1633)
Bank of China (Hong Kong) Limited

Technology Risk Management Officer / Manager

Bank of China (Hong Kong) Limited

  • 5-day week
  • Birthday leave
  • Compassionate leave
  • Competitive pay
  • Dental plan
  • Discretionary bonus
  • Education subsidies
  • Extra maternity leave
  • Extra paternity leave
  • Family medical plan
  • Housing allowance
  • Insurance plan
  • Marriage leave
  • Medical plan
  • … + 8 more

Job No.: 494307
Employment Type: Full time
Departments: Information Technology Department
Job Functions: Information Technology



  • Provide advisory and recommendation from risk perspective
  • Assist to define security architecture for the organization infrastructure and application
  • Research and evaluate on latest security threats and technology solutions, such as Cloud, Big Data, Social Networking and Mobility
  • Assist to establish and implement the assessment on outsourcing/third party security control
  • Assist to establish and maintain security standards and guidelines with focus on application and network security
  • Assist in establishing security baseline for key IT processes
  • Plan, coordinate and drive IT security program to enhance secure posture assessment for critical information systems
  • Proactively work with vendors to understand the up-to-date related technology for the possible Company implementation feasibility
  • Assist to establish review processes on information security operation
  • Work with the IT operation partners to monitor any system and network security threat and to apply quick remediation action
  • Assist to build and manage computer security incident response program
  • Assist to manage compliance measurement of security patch compliance for corporate infrastructure
  • Assist to manage independent penetration test for the corporate infrastructure
  • Assist in reviewing IT initiatives from technology risk perspectives
  • Report findings on security inefficiencies and provide recommendation for improvement
  • Assist in planning of technology related risk management strategies, processes and work plans
  • Assist to establish security dashboard with key risk indicators



  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline
  • Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
    Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) or Certified Internal Auditors (CIA) preferable
  • Sound knowledge of network security or platform security
  • Good command of written and spoken English with Mandarin is preferable
  • Good communication and interpersonal skills
  • Independent and strong self-initiative


We offer competitive remuneration package and comprehensive fringe benefits including medical and life insurance, and different types of allowances to the right candidate. Interested parties, please submit your application online. For details, please visit our website “"

To apply:

Data collected would be used for recruitment purposes only. It might also be disclosed to our subsidiaries or Associated Companies to process the information for appointment. Applicants who do not hear from us within 8 weeks may consider their application unsuccessful and their data will be destroyed within 12 months of receipt