About Hong Kong Genome Institute

The Hong Kong Genome Institute (HKGI), established and wholly owned by the Hong Kong SAR Government, commenced full operations in 2021.  With the vision “to avail genomic medicine to all for better health and well-being” and supported by the Health Bureau, HKGI works in close collaboration with the Department of Health, Hospital Authority, medical schools of local universities and other stakeholders to accelerate the development of genomic medicine in Hong Kong along four strategic foci: integrate genomics into medicine, advance research, nurture talents and enhance public genomic literacy.

As the first step towards achieving its vision, HKGI launched the Hong Kong Genome Project (HKGP) in 2021. As the city’s first large-scale genome sequencing project, HKGP serves as a catalyst to benefit patients and their families with more precise diagnosis and personalised treatment through whole genome sequencing. It also aims to establish genome database of the local population, testing infrastructure and talent pool to address the healthcare needs of Hong Kong in the long run. 

For more information, please visit www.hkgp.org

System & Infrastructure Manager (Risk Management)

Reporting to the Project Lead of the Security Risk Assessment and Audit (SRAA) project, the incumbent will assume the following responsibilities:

Key Responsibilities:

• Support the execution of the SRAA process, ensuring ongoing compliance with internal policies and standard operating procedures.
• Organise and implement activities to identify control gaps and mitigate technology risks as part of the SRAA exercise, including evaluating vulnerabilities, testing system resilience, and conducting drills.
• Perform assessments on systems and infrastructure to maintain robust IT risk management.
• Establish requirements for information protection during application, system, and network implementations, in accordance with industry best practices.
• Support IT operations related to governance and assurance, including access management, monitoring, incident response, and reporting, aligning with the objectives of the risk assessment and audit programme.
• Manage the day-to-day operations related to IT risk management, overseeing event monitoring, vulnerability management, and performance optimisation of tools and systems.
• Provide recommendations to management on advancements in technology, emerging threats, and preventive measures through continuous research, contributing to the enhancement of the risk assessment and audit processes.
• Perform any other duties assigned by senior officers.

Requirements:
 

We are seeking a high-calibre candidate for the post of System & Infrastructure Manager (Risk Management) who possesses:
 

• A bachelor's or master's degree in computer science, information systems, or related discipline
• Experience in supporting and executing security risk assessment and audit processes, including knowledge of methodologies and tools utilised in these processes.
• Strong understanding of IT risk management principles and practices, including risk assessment, mitigation, and control implementation.
• In-depth knowledge of industry standards and frameworks related to IT risk management, such as ISO 27001.
• Proficiency in conducting risk assessments and developing risk management strategies for IT systems, applications, and infrastructure.
• Familiarity with IT security technologies and controls, such as firewalls, intrusion detection systems, encryption, access controls, and vulnerability management tools.
• Strong project management skills, with the ability to manage multiple initiatives and prioritise tasks effectively.
• Excellent analytical and problem-solving skills, with the ability to identify and assess potential risks and vulnerabilities in IT environments.
• Professional certifications in IT risk management, such as CISA, CISM, CISSP, CEH, CDPSE.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and stakeholders.

Office location:
Hong Kong Science Park, Shatin

Remuneration:

Successful candidate will be offered attractive remuneration and be appointed on an initial two-year contract (subject to mutual agreement for contract renewal).
 

Application:

Interested parties should send full resume enclosing current and expected remuneration together with availability to HKGI on or before 3 June 2024. Only shortlisted candidates will be notified.

Data collected will be used for recruitment purpose only.