Implement systems security polices, perform IT security administration, control, review, and support regular security profile review
Manage the technology risk management processes to identify emerging or existing technology-related risks including but not limited to measure the impact, likelihood and direction of technology-related risks, regularly monitor any technology-related issues or incidents and control the risks through preventive, compensating and contingency measures
Establish and enforces standard of process related to Technology Risk Management
Manage the IT security function to ensure strict adherence to the corporate security control requirements, establishes corporate security policies / standards / baselines and departmental procedures, oversee security administration and control, and conducts regular security profile review
Manage and monitor project progress to ensure consistency and uniformity from Information Security Risk perspective
Manage cyber security risk and perform investigation of any technology-related frauds and incidents
Support internal / external / regulatory audit review and conduct service provider review
Ensure awareness of and compliance with IT control policies, corporate standards and regulatory requirements
Review security matrix e.g. toxic combination and configuration review
On-call standby support is required during non-office hours
Requirements
Degree holder in Information Technology or related discipline
Minimum 5 years of relevant experience in Technology Risk or Information Security Risk domain, preferably gained from banking / finance industry
Experience in technology risk management and IT compliance is an advantage
Strong understanding of Information Technology Risk Management
Sound knowledge of database, operating systems and information security practices
Customer-oriented, good communication and interpersonal skills
Holder of ECF-C recognized certification at professional level is required
Able to work under pressure and willing to work overtime
Strong problem-solving skill and analytical mind set
Good command of written and spoken English and Mandarin
Applicants who are not contacted within 8 weeks may consider their applications unsuccessful and their personal data will be retained by the bank for a period up to two years.
All information provided by applicants will be used for recruitment purposes only and will be used strictly in accordance with the bank’s personal data policies, a copy of which will be provided upon request.
China Construction Bank (Asia) Corporation Limited (“CCB (Asia)") is the comprehensive and integrated commercial banking platform of China Construction Bank Corporation (“CCB") in Hong Kong. CCB (Asia) offers a wide array of banking products and services to customers, including consumer banking services, commercial banking services, corporate banking services, private banking services, treasury business and cross-border financial services, etc.
We’re inviting high caliber professionals to share our vision and mark our success together.