A Career with Hang Seng Bank
Hang Seng is committed to service excellence. Our people are our most important asset and play a vital role in our efforts to continually enhance our performance for customers and provide best-in-class products and services.
We seek to attract high-calibre talent by offering a dynamic working environment, good career development opportunities and competitive compensation packages.
Manager, Information Security Control
Risk & Compliance Information Security Risk
Hang Seng's Risk and Compliance ("RKM") strives to maintain a well-balanced risk profile for the Bank while enabling businesses to thrive.
Our team actively manages a varied and dynamic range of risk types. We are dedicated to collaborate with businesses, other functional units and regulatory bodies to develop and implement robust and customized risk management frameworks and measures to maintain the strong market position of the Bank.
Information Security Risk protects information and computer resources against unauthorised access through administration of logical user access controls, implementation of IT security solutions, and establishment of related policies, standards and procedures.
We are currently seeking a high caliber professional to join our department as Manager, Information Security Control.
Lead the development, implementation and maintenance of the cyber security risk controls and ensure its effectiveness
Provide expert advice and guidance to the Business / Functions on cyber security risk profile of the Bank
Provide guidance, consultancy and support to businesses and functions in identifying and managing cyber security risk, as well as the controls
Keep abreast of the latest cyber security threat landscape, evaluate the potential impact to the Bank
Perform independent reviews and provide assurance on cyber security risk
Review and challenge cyber security risk assessments and provide guidance to businesses and functions for products and services
Maintain and observe the Bank’s internal control standards, implement and observe the Bank’s policies of Information Security Risk
Enhance the IT and information security education and awareness programs within the Bank.
University degree in Computer Science or related discipline
Over 8 years’ experience in IT security and risk management area
Working experience in operational risk management at senior management level and the banking industry will be an advantage
Strong technical or security skills related to IT applications and infrastructure in financial institution
Solid experience in information security control review
Good knowledge in banking environment
Knowledge of banking regulations / guidelines relating to cyber security and technology risk management
Strong self-motivation, with good communication, interpersonal and analytical skills
Able to work independently and under pressure
Possess professional qualification such as CISM, CISA, CRISC and CISSP will be an advantage
Good command of both spoken and written English and Chinese; Mandarin is an advantage
Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes