top of page

IT Dept - Information Security & Compliance Manager

About the job

Our Client is a Chinese bank in Hong Kong. It is now inviting high caliber professionals to join their Banking Group

Responsibilities

- Develop information security policies / BCP plan / manuals and procedures 

- Monitor security administration on application logical access and identity management, hardening, security monitoring and vulnerability management 

- Design security setup, access control matrix, and control reviews

- Conduct IT security risk assessment and 3rd party cybersecurity reviews 

- Handle regulatory compliance assessment and reporting 

- Act as contact point on operational risk and compliance activities 

- Coordinate with external/internal auditors on audit matters and follow up audit findings. 

- Conduct security incident handling, investigation and reporting

- Maintain security incident response plan and playbook. Conduct regular security incident response drill 

Requirements

- University degree or above in Computer Science. Cybersecurity or related discipline 

- Minimum 5 years of experience in information security in banking sector 

- Strong knowledge in security related framework/standards, such as PCI-DSS, PDPO, GDPR, MITRE ATT&CK 

- Familiar with banking regulation on technology risk management and cyber security 

- Knowledge of secure coding best practices, source code review, and internet threat vectors such as OWASP top 10 

- Technical knowledge in network / server / OS / Databases / security / banking applications 

- Good team player and able to work independently 

- May occasionally work outside during office hours 

- Good command of written and spoken in English and Chinese (preferably fluent in Mandarin) 

- Holder of CISA/CISSP/CISM or other recognized certificate

Application

Competitive package will be offered to the right Candidates. If you are interested in the job, please email us your full resume with current and expected salary in WORD format to info2@megajobshr.com. 

 (You may use your own email program,quoting the job title, to email us)

All applications will be treated in strict confidence and all personal data collected will be used for recruitment purposes only.

bottom of page