Back to job search

Senior Technical Manager, Technology and Cyber Risk

  • Location:

    Hong Kong

  • Sector:

    Risk & Compliance

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Contact:

    Marno Meyer

  • Contact email:

    Marno.Meyer@oliverjames.com

  • Job ref:

    JOB-112022-185920_1667800498

  • Published:

    circa un mese fa

  • Expiry date:

    2022-12-07

Exciting opportunity with a leading Hong Kong Company. As as Senior Technical Manager in Technology and Cyber Risk. Join an ever growing Cyber Security Team helping enhance and evolving of the TRM program and framework, including execution of targeted risk assessments on holistic technology risk and enhance current practices to mitigate cyber risk and establish the risk framework.

  • Support and drive security management's directives in priority.
  • Contribute to the enhancement and evolution of the TRM program and framework, including execution of targeted risk assessments on holistic technology risk and enhance current practices to mitigate cyber risks and the establishment of a risk framework.
  • Align risk appetite and fine-tune processes necessary within the business
  • Follow and execute risk management practices with Risk Registers, Issue Management, Risk & Controls Library, Impact Thresholds, Risk Reporting, Controls Testing, and Security Governance.
  • Assess risks based on policy, standards, technology compliance requirements and best practices IT and business projects and activities.
  • Ensure security measures properly adopted for risk mitigation.
  • Risk exception and acceptance must be well governed, timely validated and properly escalated.
  • Prepare reporting to senior management on the current security posture.
  • Partner with Information Security and IT teams and to implement appropriate solutions to mitigate exposure as needed
  • Promote and conduct security awareness programme.
  • Contribute to third-party risk management and well engage with and manage audit activities.
  • Participate and contribute positively to create a diverse and inclusive culture with trust and respect. Play an active role to support cross team/division/department efforts and model collaborative behaviours.

Requirements:

  • Sound experience working in technology risk management
  • Strong consulting background in IT/Security/ IT Audit is desired.
  • At least 8 years of experience in IT technical roles and audit, 3 years of hand-on in technology risk assessment and security compliance aspects.
  • CISA, CISSP, CRISC or equivalent is preferable.
  • Experience in adopting risk-based assessment methodologies and engaging audit counter-parts.
  • Experience in performing risk assessment and evaluation.
  • Experience in reporting risk tailored to IT and business stakeholders about most significant risks to the business.
  • Competency consulting background in IT, Cyber Security and/or IT Audit and Control Compliance.
  • Competency interacting with seasoned colleagues on Technology and Cybersecurity Risk, Audit and compliance agenda.
  • Experience in building risk awareness amongst staff by providing support and training within the company.
  • Effectively manage multiple priorities, work independently and in a team-oriented and collaborative environment.
  • An aptitude for technical writing e.g. assessment reports, presentations, management dashboard and risk indicators/metrics.
  • Knowledge of ISMS, ISO27000, ISO31000 and other major information security frameworks/Practices e.g. NIST, COBIT etc.
  • Strong knowledge of Audit control framework, IT general controls, Cybersecurity Risk, Tech Risk (including infrastructure, cloud and applications security).
  • IT background with operations, enterprise networking, operating systems and database security risk controls.
  • Sound skill across: DevSecOps, cloud security, PII, GDPR, and Cyber security laws.
  • High problem solving, risk management and analytical skills.
  • Ability to effectively manage multiple priorities.
  • Strong interpersonal, management, negotiation and presentation skill.
  • Ability to interact with seasoned colleagues on Technology Risk agenda.
  • Ability to contribute to effective governance at management entity level

Image 2022 03 22 T16 58 33

A Milano si cercano professionisti del recruiting. Parte l’Academy di Oliver James