Your new company

MNC Regional Bank

Your new role

• Plan, design and operate information security solutions and services to safeguard the bank’s network and system.
• Act as the subject matter expert of red team exercise and application penetration test
• Manage information security programmes such as vulnerability management, Network Access Control, SIEM and DLP programmes
• Provide technical guidance to systems and network team regarding security configurations
• Define and design adequate security controls to maintain secure control environment.
• Maintain Cyber Incident Response plan and playbook. Conduct cyber incident response drill in regular basis.
• Assist in communicating technology risk management policies, standards and procedures to stakeholders.
• Analyze cybersecurity incidents and make recommendations on remedial actions.
• Provide security advisory service to stakeholders on new initiatives and development projects.
• Conduct regular security assessment on systems, network and IT infrastructure
• Act as project manager role on information security projects.

What you'll need to succeed

• Minimum 5 years of relevant work experience in technology risk, information security and cybersecurity.
• University graduate in Computer Science / Information Technology or equivalent.
• Possess one or more professional certificates listed below:
• ISC2 Certified Information Security Professional (CISSP)
• ISACA Certified Information System Auditor (CISA)
• ISACA Certified Information Security Manager (CISM)
• SC2 Certified Cloud Security Professional (CCSP)
• Solid experience in vulnerability management, penetration test and technology risk assessment.
• Sound knowledge in Public Key Infrastructure (PKI), Internet vulnerability, cybersecurity, firewalls, Intrusion Detection/Prevention System and application security of finance/banking systems.
• Solid experience in regulators’ requirement on technology risk management including the Supervisory Policy Manuals of HKMA, Cyber Resilience Assessment Framework (CRAF), Personal Data Privacy Ordinance, PCI Data Security Standard, SFC guidelines and Customer Security Controls Framework of SWIFT
• Strong communication skill, both in Chinese and English.
• Mature, independent and able to deliver quality results under tight schedule

What you'll get in return

Great remuneration

What you need to do now

If you're interested in this role, please send your resume to eddie.chow@hays.com.hk

If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.