Our client, a leading Investment Bank in the region, is looking for an experienced Information Security & Technology Risk expert to join their team and help with the development & implementation security controls, policies and standards.

Responsibilities:
– Technology Risk or Information Security advisory: work closely with IT Managers and the business to ensure security policies & standards are adopted and in line with regulatory bodies including HKMA, SFC and MAS.
– Incident management: respond to critical security alerts / vulnerabilities, and work closely with key stakeholders to report high-priority incidents and recommend mitigation strategies.
– On going projects: improve the firm’s security infrastructure.  Identifying gaps in compliance, information security, business continuity standards and IT policies.

Qualifications:
– 6+ years’ experience in Information Security / Technology Risk in Banking or Finance.
– Risk analysis & assessments, and understanding of regulatory requirements to ensure compliance with external bodies such as HKMA, SFC, MAS etc.
– Business Continuity (application failover, crisis management, BCP planning) a plus.
– Strong infrastructure knowledge on security covering including Windows Desktop, Server, UNIX/Linux, Storage, Networking, Databases, applications, Market Data etc.
– Excellent Communication skills in English, Cantonese and Mandarin.
– Security Certification in in CGEIT, CISM, CISA, CISSP or CRISC, or equivalent.