Technology & Information Security Risk Manager / Officer

Intermediate (3-6 years)


Technical Skills

  • Information Security
  • ISO
  • Risk Management
  • Sarbanes-Oxley

Job Description

Technology & Information Security Risk Manager / Officer


  • Assist the Head of TISR to establish and maintain Technology and Information security risk oversight and risk sensing through insightful analysis of integrated KRIs
  • Assist the Head of TISR to establish and drive the periodic attestation programme on effectiveness of OCBC Wing Hang Bank Group's Technology and Information Security Risk Management
  • Conduct information and cyber security review on effectiveness of service providers' security controls
  • Assist the Head of TISR to organize TISR related working committees related to technology risk or information security to maintain effective risk oversight


  • University degree in Technology or Information Security related studies
  • Professional qualifications: CISSP., CISSA, CISM and / or CRISC qualified; ITIL certification advantageous
  • At least 3 years of experience in technology or information security risk management in Financial Services Industry
  • Fieldwork experience in security risk management and controls with service providers
  • Good knowledge of IT management controls, processes and best practices. Familiar with industry security standards, primarily ISO 27001, SABSA and regulatory guidelines (e.g. HKMA, PDPO, SOX)
  • Strong written & communication skills; with ability to interact and engage with all levels of management
  • A good team player, ability to work under pressure and respond to tight deadlines with minimal supervision
Employment TypeFull-time
Career LevelIntermediate (3-6 years)
Education LevelBachelor
QualificationCertified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), ITIL Practitioner Level