China Construction Bank

AVP, Technology Risk Management

China Construction Bank
Full Time
Central
Non-specified
Intermediate (3-6 years)
Bachelor
English, Mandarin (Putonghua)

Job Description

AVP, Technology Risk Management

Location: Hong Kong

Responsibilities

- Manage the technology risk management processes to identify emerging or existing technology-related risks, measure the impact, likelihood and direction of technology-related risks, regularly monitor any technology-related issues or incidents, control the risks through preventive, compensating and contingency measures. Establish and enforces standard of process related to Technology Risk Management
- Manage the IT security function to ensure strict adherence to the corporate security control requirements, establishes corporate security policies/standards/baselines, establish departmental procedures, oversee security administration and control, and conducts regular security profile review
- Manage and monitor project progress to ensure consistency and uniformity in IT security related project delivery
- Manage cyber security risk and perform investigation of any technology-related frauds and incidents
- Support internal/external/regulatory audit review and conduct service provider review
- Ensure awareness of and compliance with IT control policies, corporate standards and regulatory requirements

Qualification

- University degree in Computer Science or equivalent
- Minimum 5 years' of relevant working experience, preferably in Banking and Finance industry
- Strong understanding of Information Technology Risk Management; broad knowledge of database, operating systems and information security practices
- Customer-oriented, strong communication, interpersonal and negotiation skills
- Holder of CISSP / CISA / CISM certification is preferred
- Proficiency in spoken and written English and Mandarin


Professional Qualifications

  • Certified Information System Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)

Technical Skills

  • Audit
  • IT Security
  • Risk Management