Hong Kong Exchanges and Clearing Limited

Assistant Vice President - Group Risk Management (Group Cyber & Technology Risk Management)

Hong Kong Exchanges and Clearing Limited
Salary negotiable
Posted on 09 Jul 2020

Assistant Vice President - Group Risk Management (Group Cyber & Technology Risk Management)

Hong Kong Exchanges and Clearing Limited

Job Highlights

  • See job description.
  • See job description.
  • See job description.

Job Description

Job Responsibilities 

  • Support the development of policies, controls, standards and procedures that incorporate all applicable legislative requirements, industry standards and best practices. Consult on the implementation where necessary 
  • Monitor information security trends and changes in the threat landscape.  Keep senior management and relevant stakeholders informed. Propose projects/changes activities to address control gaps  
  • Deliver compliance and governance reporting, including developing and maintaining key risk and performance indicators 
  • Work with senior stakeholders to maintain an information security management system (ISMS) and develop  an information security strategy 
  • Drive alignment, integration and consistency of security management across the Group. Identify and escalate significant variances
  • Support the delivery of security risk assessments and 2nd line compliance assurance programmes. Manage security risk register/enterprise security risk profile
  • Support the resolution of cyber security audit actions
  • Support investigation of security breaches and pursue associated forensic analysis, disciplinary and legal matters.
  • Support security governance committee meetings. Prepare management reports, consultative papers and presentation materials
  • Liaise with key stakeholders in information technology regarding information security initiatives
  • Provide guidance, awareness training and advocacy of information security and data privacy across the group
  • Develop relationships with industry partners, law enforcement, regulators and other related government agencies

Job Requirements

  • An intelligent, articulate, consensus building, persuasive individual with highly effective communication skills for delivering information security/data privacy messages to a broad range of technical and non-technical audiences
  • University degree in business, technology, information security, computer science or related fields of study 
  • 6-7 years’ experience in multinational financial institutions or consulting organizations preferred
  • Project management experience and literate in IT risk management, IT risk auditing and/or compliance
  • Strong knowledge in IT environment and security related controls from both a tactical and strategic viewpoint
  • CISSP or other security certification/accreditation preferable 
  • Knowledge of regulatory developments and supervisory practices 
  • Knowledge of NIST Cyber Security Framework (CSF) and/or Identity & Access Management (IAM) technologies and processes advantageous but essential

Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful.  Personal data provided will only be used for the purpose of employment application to HKEX.

Additional Information

Career Level
Years of Experience
6 years
Job Type
Full Time
Company Website

Company Overview

See Job Description

Additional Company Information