Assistant Vice President - Operational & Technology Risk
China CITIC Bank International Limited
May 2, 2020
Identify, monitor and report technology and cyber risk for the Bank
Conduct technology risk assessment and advise management on the status of risk acceptance or mitigation when residual risk persists
Conduct cyber risk maturity assessment and facilitate and independent assessment against the bank technology initiative according to regulatory requirement
Support and maintain the Bank's TRM Governance Framework from Second Line of Defense perspective
Conduct technology assurance review and test against the Bank's control standard
Be the focal point of external audit and regulators on technology risk related engagements
Provide consultancy and advice to the adoption of emerging and disrupting technologies by new initiatives and products in relation to technology risk
Prepare the bank-wide awareness or education program to promote the security cultures of the Bank
Degree holder preferably in Information Technology or relevant discipline
Minimum 5 years' related experience in Technology or Cyber Risk Management, preferably gained from banking or other financial industry
Obtained at least one of the Professional Level qualification of Relevant Practitioner under the HKMA ECF on Cybersecurity
Sound knowledge in cryptography, firewall/network, DLP, APT, DDoS, IAM and vulnerability management
Experience in technology controls against DevOps, Agile Delivery and CI/CD on Cloud platform is a plus
Basic knowledge of the retail bank products and operations
Critical thinking mindset and feel comfortable to challenge status-quo
Familiar with regulatory requirements such as HKMA SPM, C-RAF, iCAST, MAS TRM and PCI-DSS
Good command of spoken and written English and Chinese (including Putonghua)
For more details about career opportunities with the Bank, please visit our website http://www.cncbinternational.com/careers/en/index.jsp. Please apply with full resume stating current and expected salaries.
Personal data collected will be used for recruitment related purposes only. Applicants not invited for interview within 6 weeks may consider their applications unsuccessful. However, applicants may be considered for other suitable positions within the Group for a period of not more than 2 years. Personal data will be destroyed at any time after 3 months.
China CITIC Bank International is committed to being an equal opportunities employer and intends to provide a work environment free of unlawful discrimination or harassment. All employment decisions will be made in a non-discriminatory manner.