Job Description:
- Developing and implementing a comprehensive technology risk management program that includes policies, procedures, and controls to identify, assess, and mitigate technology risks.
- Providing guidance and direction to business and technology teams on technology risk management issues, and ensuring that technology risks are identified, assessed, and managed in a consistent and effective manner.
- Conducting risk assessments of technology systems, processes, and projects to identify potential risks and vulnerabilities, and developing risk mitigation strategies to address them.
- Collaborating with other risk management functions, such as operational risk and credit risk, to ensure that technology risks are integrated into the overall risk management framework.
- Developing and implementing technology risk reporting and monitoring mechanisms to provide visibility into technology risk exposure, and to identify emerging risks.
- Keeping up-to-date with emerging technology risks and trends, and providing guidance to senior management on the potential impact of these risks on the bank’s business.
- Building and maintaining strong relationships with technology vendors, regulators, and industry peers to stay abreast of best practices and emerging risks.
- Leading and managing a team of technology risk professionals, and ensuring that the team has the necessary skills and expertise to effectively manage technology risks.
Job Requirements:
- Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field.
- 10-15 years of experience in technology risk management, with at least 5 years of experience in a leadership role.
- Strong understanding of technology risk management principles and frameworks.
- Excellent communication and interpersonal skills, with the ability to build strong relationships with stakeholders at all levels.
- Strong analytical and problem-solving skills, with the ability to identify and assess complex technology risks.
- Experience in working with regulators and auditors on technology risk-related matters.
- Relevant certifications, such as CISSP, CISM, or equivalent.
- Familiar to HKMA regulatory requirements
- Excellent communication and interpersonal skills
- Excellent command of both spoken and written Chinese and English
Languages
Fluent in Cantonese, English and Mandarin