Job Summary

Oversee the identification, assessment, and mitigation of cybersecurity and technology-related risks within the organization. This individual will work closely with various departments to ensure that our technology systems and processes are secure, resilient, and compliant with regulatory requirements. The Cybersecurity and Technology Risk Manager will also play a crucial role in developing and implementing risk management strategies to safeguard our organization from cyber threats.

Key Responsibilities:

1. Lead the assessment of cybersecurity and technology risks across all functional areas, ensuring comprehensive coverage.

2. Validate and review risk assessments conducted by other teams to ensure accuracy and completeness.

3. Oversee the technology risk management program, functioning as an independent and objective body responsible for identifying, assessing, mitigating, and monitoring all technology and cyber risks.

4. Provide support to the Head of Technology Risk to drive bank-wide enhancement and implementing risk management strategies to safeguard the organization from cyber threats

5. Establish and maintain technology and cyber risk oversight through the development and analysis of integrated Key Risk Indicators (KRIs).

6. Ensure the effectiveness of the technology and cyber risk management reporting process, enabling timely escalation of severe operational risk incidents and submission of operational risk management reports to the Risk Management Committee (RMC).

7. Maintain oversight on major operational risk incidents, ensuring proper corrective actions, identifying root causes, and driving effective preventive actions.

8. Collaborate across all levels of the organization to understand cross-functional linkages, interdependencies, and the implications of risk at both strategic and business levels.

Experience and Education:

• 3-8 years in banking and risk management related experience
• Bachelor's Degree in accounting, business administration, finance or risk management required
• Technology advisory / audit experience in Big Four’s highly desirable.
• Proficient knowledge on risk management and Hong Kong banking regulatory requirements (as stated in the Banking Ordinance, HKMA Supervisory Policy Manual, HKMA Guidance, Notes and Circulars) 
• Experience in conducting cybersecurity risk assessments and developing risk mitigation strategies.
• Professional qualifications such as CISSP, CISA, CISM, CICSP preferred
• Good knowledge of banking products in retail and commercial bank
• Good understanding of technology risk Management processes and controls
• Strong problem-solving ability; analytical and critical thinking
• Open-minded; team player; willing to challenge status quo and run extra mile. Good communication and interpersonal skills
• Fluency in English and Chinese, written and spoken.

Interested candidates, please send your detailed resume with contact telephone number, earliest availability date, current and expected salary via "Apply Now".

Personal information collected is strictly for recruitment purpose only.