Vice President / Senior Vice President, Senior Information Security Officer, Global Information Security
Bank of America
Hong Kong, Hong Kong

Job Description : Your background

Your background

  • Information Security & Technology professional with 10+ years’ experience;
  • 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations;
  • Proven risk management experience identifying, analyzing and communicating business and security-related risks to the organization and corporate program;
  • Good knowledge to the various areas of information security controls is an advantage;
  • Maintain a broad understanding of Greater China laws and regulatory requirements relating to information security and privacy, industry best practices, exposures, and their impact to the business;
  • Subject matter expertise in application security, vulnerability testing and development of risk appetite;
  • Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS);
  • Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls;
  • Exceptional executive presentation and communication skills;
  • Excellent influencing and problem resolution skills;
  • Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding;
  • Strong leadership skills and qualities which enable you to work with peers and various levels of management.
  • Ability to speak Cantonese or Mandarin or write in Chinese is an advantage;
  • Ability to work with stakeholders in business and technology groups who are based in various locations;
  • Must display knowledge and experience in problem and conflict management;
  • Certificate in information security is preferred.
  • What you can expect

    The Hong Kong Information Security Officer (ISO) function within Global Information Security (GIS) is responsible for information security control enforcement, cybersecurity awareness, and enablement across all lines of business, enterprise functions, technology, and operations teams in Hong Kong.

    The ISO team also leads cybersecurity external engagement.

    Reporting to the Greater China Senior Information Security Officer, the Hong Kong ISO will be a member of the Regional Information Security Officer’s organization for APAC, and work closely with the various functions within the GIS organization as well as the stakeholders in Lines of Business (LOB’s) and Technology teams to develop a strong information security risk-based program.

    This relationship will ensure a focus on the right risk priorities. The Hong Kong ISO will also provide guidance on information security topics, policies and controls.

    What you will do

  • Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB) across Hong Kong.
  • Partners with other Information Security Officers to provide entity-level information security deliverables and proactively support other team members in ensuring regulatory obligations or enterprise priorities are delivered effectively.
  • Effectively supports the Greater China Senior Information Security Officer in key initiatives in Greater China (not limited to Hong Kong).
  • Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security.
  • Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs.
  • Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related landscape and initiatives.
  • Partners with the APAC GIS Policy team and analyzes the regulatory assessment requirements against the bank internal GIS policy and standards.
  • Leads strategic discussions regarding the development, testing, implementation and review of security plans, products and control techniques.
  • Collaborates with risk and control partners on critical information security priorities.
  • Influences and supports business to improve security metrics.
  • Acts as a local point of contact to the LOB during information security incidents.
  • Works with regional GIS teams and Learning team to ensure Greater China end users are trained on information security.
  • Manages quality control and reporting.
  • Ensures compliance with policies and laws.
  • About Bank of America

    Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries.

    In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients.

    We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

    Connecting Asia Pacific to the world

    Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities.

    Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.


    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“繼續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。