IT - 14012021
3 months ago
- Develop and maintain technology risk management and cyber resilience policy and process in compliance with the HKMA requirements.
- As a second line of defense, assist risk owners in identifying and measuring risks to build a cyber and technology risks profile.
- Overseeing cyber and technology risks by ensuring controls are properly designed, implemented and operated as intended, and ascertain the consistency of risk assignment.
- Review residual risk level and control effectiveness to make recommendation for risk treatment.
- Coordinate to evaluate emerging cyber threat scenario for continuous improvement on cyber security response preparation for Business Continuity Management (BCM).
- Participate in cyber threat intelligence analysis to gauge the prevailing cyber threat landscape, and make recommendation on improving the company risk posture.
- 6+ years of experience in information security or technology risk management field.
- Holder of CRISC, CISA, CISM, CISSP or other equivalent certificates is preferred.
- Practical experience and knowledge in risk management framework and methodology.
- Knowledge in control frameworks such as C-RAF, TM-E-1, TM-G-1 published by the HKMA, etc.