Job Purpose

The job holder will be responsible for execution of risk processes and assessments to fulfill Technology Risk Management (TRM) objectives as well as regulatory requirements.  

 Responsibilities

• Assist to maintain the TRM framework by referring to the best practice of risk governance and management.
• Responsible for execution of TRM framework by reviewing the adequacy of the implemented controls.
• Responsible for technology and cyber risk identification, response, monitoring and reporting.
• Conduct technology risk assessment and monitor the status of risk acceptance or mitigation and whether residual risk still persists.
• Conduct cyber risk maturity assessment and facilitate iCAST exercise in accordance to the HKMA’s requirement.
• Execute the vulnerability and penetration testing as necessary.
• Keep track of Cyber risk intelligence from regulatory initiated platform and industry alliances, and advises the corresponding preventive actions.
• Provide consultancy and advice to the adoption of emerging and disrupting technologies by new initiatives in relation to technology risk.
• Prepare the bank-wide awareness or education program to promote the security cultures of the Bank.

Requirements

• Degree holder preferably in Information Technology or relevant discipline
• Minimum 8 years’ related experience in IT related functions including at least 5 years in Audit, Technology Risk Management or Information Security Management
• Obtained Core/Professional level qualification of Relevant Practitioner under the HKMA ECF on Cybersecurity
• Certified in CISSP, CISA, CISM or other recognized certificate is a must
• Holder of ethical hacking certification (e.g. CEH) would be an added advantage
• Good command of spoken and written English and Chinese (including Putonghua)

For more details about career opportunities with the Bank, please visit our website http://www.cncbinternational.com/careers/en/index.jsp. Please apply with full resume stating current and expected salaries.

Personal data collected will be used for recruitment related purposes only. Applicants not invited for interview within 6 weeks may consider their applications unsuccessful. However, applicants may be considered for other suitable positions within the Group for a period of not more than 2 years. Personal data will be destroyed at any time after 3 months.

China CITIC Bank International is committed to being an equal opportunities employer and intends to provide a work environment free of unlawful discrimination or harassment. All employment decisions will be made in a non-discriminatory manner.

China CITIC Bank International Limited ("CNCBI") is 75%-owned by CITIC International Financial Holdings Limited ("CIFH"), which in turn is a wholly-owned subsidiary of China CITIC Bank Corporation Limited ("CNCB").

By providing value-creating financial solutions to define and exceed both wealth management and international business objectives of Greater China and overseas customers, CNCBI aspires to be "the best integrated financial services institution", with the highest international standards and capabilities.

CNCBI's footprint in Greater China includes 28 branches and two business banking centres in Hong Kong, as well as branches and presence in Beijing, Shanghai, Shenzhen and Macau.  CNCBI also has overseas branches in New York, Los Angeles and Singapore.  More information about CNCBI can be found on its website at www.cncbinternational.com.