Manager, Information Security Control
Hang Seng Bank Limited
Mongkok, Hong Kong


A Career with Hang Seng Bank

Hang Seng is committed to service excellence. Our people are our most important asset and play a vital role in our efforts to continually enhance our performance for customers and provide best-in-class products and services.

We seek to attract high-calibre talent by offering a dynamic working environment, good career development opportunities and competitive compensation packages.

Manager, Information Security Control

Risk & Compliance Information Security Risk

Hang Seng's Risk and Compliance ("RKM") strives to maintain a well-balanced risk profile for the Bank while enabling businesses to thrive.

Our team actively manages a varied and dynamic range of risk types. We are dedicated to collaborate with businesses, other functional units and regulatory bodies to develop and implement robust and customized risk management frameworks and measures to maintain the strong market position of the Bank.

Information Security Risk protects information and computer resources against unauthorised access through administration of logical user access controls, implementation of IT security solutions, and establishment of related policies, standards and procedures.

We are currently seeking a high caliber professional to join our department as Manager, Information Security Control.

Principal responsibilities

  • Lead the development, implementation and maintenance of the cyber security risk controls and ensure its effectiveness
  • Provide expert advice and guidance to the Business / Functions on cyber security risk profile of the Bank
  • Provide guidance, consultancy and support to businesses and functions in identifying and managing cyber security risk, as well as the controls
  • Keep abreast of the latest cyber security threat landscape, evaluate the potential impact to the Bank
  • Perform independent reviews and provide assurance on cyber security risk
  • Review and challenge cyber security risk assessments and provide guidance to businesses and functions for products and services

  • Maintain and observe the Bank’s internal control standards, implement and observe the Bank’s policies of Information Security Risk
  • Enhance the IT and information security education and awareness programs within the Bank.
  • Requirements

  • University degree in Computer Science or related discipline
  • Over 8 years’ experience in IT security and risk management area
  • Working experience in operational risk management at senior management level and the banking industry will be an advantage
  • Strong technical or security skills related to IT applications and infrastructure in financial institution
  • Solid experience in information security control review
  • Good knowledge in banking environment
  • Knowledge of banking regulations / guidelines relating to cyber security and technology risk management
  • Strong self-motivation, with good communication, interpersonal and analytical skills
  • Able to work independently and under pressure
  • Possess professional qualification such as CISM, CISA, CRISC and CISSP will be an advantage
  • Good command of both spoken and written English and Chinese; Mandarin is an advantage
  • Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes
  • 申請
    通過點擊“持續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。