Technology Risk Management Officer / Manager



Technical Skills

  • Audit
  • Big Data
  • Compliance
  • Computer Security
  • Information Security
  • IT Security
  • Network Security
  • Risk Management
  • Social Media

Job Description

Technology Risk Management Officer / Manager

Location: Hong Kong


  • Provide advisory and recommendation from risk perspective
  • Assist to define security architecture for the organization infrastructure and application
  • Research and evaluate on latest security threats and technology solutions, such as Cloud, Big Data, Social Networking and Mobility
  • Assist to establish and implement the assessment on outsourcing/third party security control
  • Assist to establish and maintain security standards and guidelines with focus on application and network security
  • Assist in establishing security baseline for key IT processes
  • Plan, coordinate and drive IT security program to enhance secure posture assessment for critical information systems
  • Proactively work with vendors to understand the up-to-date related technology for the possible Company implementation feasibility
  • Assist to establish review processes on information security operation
  • Work with the IT operation partners to monitor any system and network security threat and to apply quick remediation action
  • Assist to build and manage computer security incident response program
  • Assist to manage compliance measurement of security patch compliance for corporate infrastructure
  • Assist to manage independent penetration test for the corporate infrastructure
  • Assist in reviewing IT initiatives from technology risk perspectives
  • Report findings on security inefficiencies and provide recommendation for improvement
  • Assist in planning of technology related risk management strategies, processes and work plans
  • Assist to establish security dashboard with key risk indicators



  • Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline
  • Over 2 years of experience in IT security, technology risk, risk management, compliance or IT audit function, gained from other sizable financial institutions
  • Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) or Certified Internal Auditors (CIA) preferable
  • Sound knowledge of network security or platform security
  • Good command of written and spoken English with Mandarin is preferable
  • Good communication and interpersonal skills
  • Independent and strong self-initiative
Employment TypeFull-time
Education LevelBachelor
QualificationCertified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor
LanguageEnglish, Mandarin (Putonghua)
Bank of ChinaInvestment Banking and Brokerage

24/F Bank of China Tower 1 Garden Road Hong Kong

directions_walk10 mins walk from Admiralty Station