Assist in coordinating, planning, and managing technology risk and data management initiatives in alignment with Group standards, internal policies and regulatory requirements.
Support business units in the timely completion of technology risk and data management tasks to the required quality standard, including delivering briefings and responding to task-related inquiries.
Collaborate closely with business units and the Group’s Information Technology Department to integrate technology risk management and data management practices into daily operations.
Conduct security control assessments and technology risk evaluations for 3rd-party service providers, including review of control evidence and risk remediation plans, to ensure compliance with information security policies and regulatory expectations.
Assist in managing technology risk incidents by coordinating response efforts, facilitating root cause analysis, ensuring timely resolution, and maintaining comprehensive documentation for audit and reporting purposes.
Coordinate and organize regular training sessions and meetings to promote understanding of and adherence to evolving technology risk and data management standards across business units.
Requirements:
Bachelor’s Degree holder in Information Technology, Computer Science or related field.
Professional certifications such as CISA/CISM/CISSP/CCSP/CRISC are a plus.
Minimum of 2 years of relevant experience, preferably within banking, insurance, or financial institutions, in compliance technology (either first or second line of defense) or IT audit.
Knowledge of cloud computing, application security (mobile and web), and AI-related risk and security.
Familiar with and able to understand risk management frameworks and regulatory requirements (HKIA GL20, GL14, PCPD Privacy).
Skills & Requirements
Technical Skills
Cloud computing, Application security, AI-related risk and security, CISA, CISM, CISSP, CCSP, CRISC, Communication, Problem-solving, Banking, Insurance, Financial