Our client, a leading Investment Bank in the region, is looking for an experienced Information Security & Technology Risk expert to join their team and help the development & implementation security controls, policies and standards.

Responsibilities:
– IT Risk advisory: work closely with IT Managers and the business to ensure security policies & standards are adopted and implemented.
– Incident management: respond to critical security alerts / vulnerabilities, and work closely with key stakeholders to report high-priority incidents and recommend mitigation strategies.
– On going projects: improve the firm’s security infrastructure.  Identifying gaps in compliance, information security, business continuity standards and IT policies.

Qualifications:
– 6+ years’ experience in IT Security and Risk in an enterprise environment.
– Strong infrastructure knowledge on security covering including Windows Desktop, Server, UNIX/Linux, Storage, Networking, Databases, applications, Market Data etc.
– Business Continuity (application failover, crisis management, BCP planning) and risk analysis pr assessments (understanding of regulatory requirements and self-assessments to ensure compliance).
– Excellent Communication skills in English, Cantonese and Mandarin.
– Security Certification in in CGEIT, CISM, CISA, CISSP or CRISC, or equivalent.