Technology and Operations (T&O) enables and empowers the bank with anefficient, nimble and resilient infrastructure through a strategic focus onproductivity, quality & control, technology, people capability andinnovation.
In T&O, we manage the majority of the Bank's operationalprocesses and inspire to delight our business partners through our multiplebanking delivery channels.
Assist in providing assurance that significant IT risks are effectively managed and that related controls are performing as desired in respective country.
Coordinate all internal and external audit tasks and regulatory examinations and manage the RFIs in the TS Audit Portal
Timely input of all risk items in the Risk & Control Self Assessments (RCSA) template and lodging of risk items into GRC system
Timely track and validate the follow up actions and ensure timely closure of all audit, self-raised and regulatory issues in GRC
Assist to collect and prepare materials on residual risks, vulnerabilities, GRC items and other security exposures and non-
compliance issues for management reporting
Assist in thematic IT risk reviews and security assessments and follow up of any issues raised in the HK Tech Risk Forum
Tertiary education in Information Technology
4 years of banking experience, in which 2 years in related IT security or technology risk role
Certification in information security disciplines such as CSX, CISA, CISM or CISSP is highly preferred
Experience with common information security management frameworks such as ISO 27001, Cobit or PCI standards
Experience with security technologies such as DLP, SIEM, cloud security could be an advantage
Good skills in Microsoft Excel and Powerpoint
Good writing and presentation skills