Job Description:
- Develop and implement the bank’s information and cyber security strategy and program.
- Conduct regular risk assessments and vulnerability testing to identify potential security threats and weaknesses in the bank’s systems and processes.
- Develop and maintain security policies, standards, and procedures to ensure compliance with applicable regulations and industry best practices.
- Implement and manage security controls, including firewalls, intrusion detection and prevention systems, and network access control systems.
- Monitor and analyze security incidents, and respond to security breaches, cyber attacks, and other security incidents as necessary.
- Work with other departments to ensure that security risks are identified and addressed in a timely manner.
- Develop and deliver security awareness training to bank staff to increase their security awareness.
- Establish and maintain relationships with external information and cyber security organizations, vendors, and other industry leaders to stay current with emerging trends and best practices.
Job Requirements:
- 5+ years of working experience in information security management, preferably in a banking or financial services industry.
- Relevant certifications such as CISSP, CISM, or CEH.
- Strong understanding of information security principles, practices, and technologies.
- Familiarity with security technologies such as firewalls, intrusion detection and prevention systems, and network access control systems.
- Knowledge of risk management and governance frameworks.
- Strong analytical and problem-solving skills to identify and mitigate security risks.
- Excellent communication skills to effectively communicate information security risks and recommendations to stakeholders, including senior management and the board of directors.
- Excellent command of both spoken and written Chinese and English.
Languages
Fluent in Cantonese, English and Mandarin