Discover your dream Career
For Recruiters

(Senior) echnology Risk Manager (Cyber Security Control Division)

Bank Of China (Hong Kong) Limited Hong Kong
Posted 2 days ago Permanent Competitive

(Senior) echnology Risk Manager (Cyber Security Control Division)

Bank Of China (Hong Kong) Limited Hong Kong
Roles and Responsibilities & Specific Requirements (Cyber Security):
  • Formulate and manage cyber security policies, standards and procedures.
  • Assist in planning of technology related risk management strategies, processes and work plans.
  • Participate in Cyber Security projects for the design, development and implementation.
  • Plan and conduct cyber security assessment and IT risk evaluation in area covering IT general controls, information asset management, access controls, cloud/server/endpoint/ network/ middleware security review. Support the implementation of security initiatives to ensure the compliance with corporate information security policies and compliance standards.
  • Participate in organizing/conducting penetration test, red/blue/purple teaming exercises, vulnerability assessment, validation controls for local/overseas entities.
  • Provide Cyber Security incident response operation and support, work with local & regional SOC team to seek for continuous improvement for daily Cyber Security monitoring, incident analysis & investigation, incident response operation and support.
  • Experience in arrangement and co-ordination of cross-countries cyber incident response drills.
  • Experience in Security operations, managing SOC, Offensive security, Container security, CSPM, Threat Hunting, OSINT, Dark Web monitoring, Malware analysis, SecOps , Digital forensics , Attack surface management, managing Cloud/ISP/On-premises Anti-DDoS solution, AI/LLM security, Threat modeling, Supply chain cybersecurity and Vulnerability management.
  • Serve as a subject matter expert to support business units and cross-functional teams in identifying and addressing cybersecurity risks. Engage with various business units and teams to discuss risk issues and control gaps, and propose effective remediation strategies.
  • Research and evaluate on latest security threats and Cyber Threat Intelligence, stay informed about latest developments in cyber security field.
  • Familiar with technologies on Firewall, IDS, IPS, WAF, DNS Security, Email Security, SIEM, SOAR, DLP, UEBA, BAS, XDR, Deception, Generative AI/Machine Learning, Application of AI/ML/LLM/MCP/RAG libraries in Python , Zero Trust, Micro-segmentation, Unified endpoint management, SASE/SSE Solution, Database security, and Network/Cloud security are preferable.
  • Willing to travel to different oversea region occasionally to conduct regional cyber security assessment, provide cyber security incident and response support as well as to participate different training / red team exercises (eg. Asia Pacific area, Shenzhen and Shanghai).
General Job Requirements:
  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
  • At least 2 years of experience in IT security, technology risk management, compliance or IT audit function, gained from other sizable financial institutions
  • Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CISM. Industry-recognized cyber security certifications ,such as OSCP/OSCE/OSWE/OSEE/GXPN/GPEN/GCPN/GCIH/GSOC/ GCFA/OSDA/CCIE/CCNP, is preferable
  • Familiar with HKMA TM-E-1, TM-C-1, TM-G-1, C-RAF, PCI-DSS, ISO 27001, PDPO, NIST, MITRE ATT&CK, OWASP, Protection of Critical Infrastructures (Computer Systems) Bill or other security risk management framework or regulatory requirements is an advantage
  • Independent, strong self-initiative and with passion in cyber security professional.
  • Good command of written and spoken English with Mandarin is preferable and
  • Good communication and interpersonal skills.
  • Candidate with less experience or qualification will also be considered as Assistant Technology Risk Manager
If you are applying for in-scope position(s) under the Mandatory Reference Checking Scheme (i.e., A role carrying out regulated activities licensed by the IA, SFC & MPFA), you are required to undergo the Mandatory Reference Checking. Our responsible recruiter will inform you the details of the MRC process and the requirements in due course. For details, please click here .

Job ID  499547
More Jobs From Bank Of China (Hong Kong) Limited
Bank Of China (Hong Kong) Limited
(Senior) Business Compliance & Risk Control Manager (Southeast Asian Entities)
Bank Of China (Hong Kong) Limited
Hong Kong
7 minutes ago Full time Competitive
Bank Of China (Hong Kong) Limited
Technology Risk Manager (Internal Control & Production Safety Management)
Bank Of China (Hong Kong) Limited
Hong Kong
2 days ago Full time Competitive
Bank Of China (Hong Kong) Limited
(Senior) Application Development Manager
Bank Of China (Hong Kong) Limited
Hong Kong
7 minutes ago Full time Competitive
Bank Of China (Hong Kong) Limited
(Senior) Network Engineer
Bank Of China (Hong Kong) Limited
Hong Kong
7 minutes ago Full time Competitive
Bank Of China (Hong Kong) Limited
Application Development Manager (Mainframe)
Bank Of China (Hong Kong) Limited
Hong Kong
7 minutes ago Full time Competitive
Bank Of China (Hong Kong) Limited
(Senior) Business Technology Manager (Corporate Banking / Custody)
Bank Of China (Hong Kong) Limited
Hong Kong
7 minutes ago Full time Competitive
Bank Of China (Hong Kong) Limited
Business Technology Analyst ( Open Platform )
Bank Of China (Hong Kong) Limited
Hong Kong
7 minutes ago Full time Competitive
Bank Of China (Hong Kong) Limited
(Senior) Application Development Manager (Corporate Banking / Custody / Cash Management / Payment Collection)
Bank Of China (Hong Kong) Limited
Hong Kong
10 hours ago Full time Competitive
Bank Of China (Hong Kong) Limited
(Senior) Data Analyst (AI Data Management)
Bank Of China (Hong Kong) Limited
Hong Kong
11 hours ago Full time Competitive
Bank Of China (Hong Kong) Limited
Business Technology Manager (Affiliated and Overseas Entities IT Risk Control)
Bank Of China (Hong Kong) Limited
Hong Kong
11 hours ago Full time Competitive

Boost your career

Find thousands of job opportunities by signing up to eFinancialCareers today.
More Jobs Like This