Our client, a leading bank, is looking for a Head of Information Security and Tech Risk for their growing team. Selected candidate will be the key person to drive the information security management. Great exposure and opportunity.
– Define and manage information security policies, standard and procedure across the IT space.
– Define security infrastructure strategy and roadmap for the bank.
– Perform regular security profile review.
– Responsible for security incident and technology related fraud investigations.
– Perform IT security assessments to and evaluate existing controls.
– Execute the technology risk management processes to identify emerging or existing technology risk.
– Manage the security measure, security products, systems, procedures and standard in the firm.
– Define and maintain the infrastructure and application security framework and provide security assessments.
– Provide protection against Web threats including cyber crime, malware, phishing, viruses, DDoS attacks, hacking etc.
– Provide Support for encryption key management. Assist the application team and provide security design of IT solutions.
– Provide investigation and forensic on security breach incident.
– Provide and review security solution design.
– At least 10 years of relevant IT Security and Information Security experience, ideally from a banking background.
– Experience with IT Security across application and infrastructure.
– Strong understanding of financial industry businesses and Technology Risk regulations.
– Strong knowledge of encryption key management, firewall, intrusion, security for banking systems.
– Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.
– Understanding of regulatory requirements from HKMA/SFC.
– CISA, CISM, CISSP or equivalent industry certification.