Conduct security design reviews and risk analysis, identify potential security weaknesses in the design, implementation and operation of infrastructure and applications.
Drive the strategy, planning and execution of enterprise security solutions for the Bank.
Lead a Cyber security program of implementation, operation, and sustainment for a comprehensive Bank-wide insider threat program by performing infrastructure/architecture support, designing secure solutions, building roadmap, identifying gaps and improving existing processes.
Identify the used cases of various Cyber technologies.
Define the bank's cyber security requirements, deliverables, understand technical requirements conduct POC and work plan for the project, and delivery.
Undertake new security projects to improve the security controls, efficiency and ease of use.
Evaluate solution proposal from partners and vendors.
Prepare business proposal for new cyber solution for Business approvals.
Degree in Computer Science or equivalent.
Minimum 10 years of experience in Designing and implementation of cyber technologies.
Demonstrate knowledge of security architecture principles, applicable to perimeter defenses, emerging threats, malware defenses, DLP, cryptography etc.
Experience managing the implementation of regional and global information security projects, initiatives and operational process in concert with the relevant stakeholders and teams.
Strong documentation and presentation skills.
Independent and able to perform tasks with minimum supervision.
Excellent communication and interpersonal skills with good command of English.
Experience in doing presentation to Senior Executives.
Have a very strong commitment to personal development and a drive to develop himself / herself technically and professionally.
Knowledgeable in IT controls, Application security and risk management methodology.
Competent in conducting application security/risk assessment.
Familiarity in Digital Banking, FinTech and Outsourcing will be an advantage
Knowledgeable with application development experience and programming/coding will be an advantage.
Knowledgeable with the use of cryptographic controls.
Certifications like CISSP, CCSP and SABSA are advantageous.
Good knowledge in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc guidelines and others.