Hong Kong Exchanges and Clearing Limited

Assistant Vice President - Group Risk Management (Group Cyber & Technology Risk Management)

Hong Kong Exchanges and Clearing Limited
Salary negotiable
Posted on 09 Jul 2020

Assistant Vice President - Group Risk Management (Group Cyber & Technology Risk Management)

Hong Kong Exchanges and Clearing Limited

Job Highlights

  • See job description.
  • See job description.
  • See job description.

Job Description

Job Responsibilities 

  • Support the development of policies, controls, standards and procedures that incorporate all applicable legislative requirements, industry standards and best practices. Consult on the implementation where necessary 
  • Monitor information security trends and changes in the threat landscape.  Keep senior management and relevant stakeholders informed. Propose projects/changes activities to address control gaps  
  • Deliver compliance and governance reporting, including developing and maintaining key risk and performance indicators 
  • Work with senior stakeholders to maintain an information security management system (ISMS) and develop  an information security strategy 
  • Drive alignment, integration and consistency of security management across the Group. Identify and escalate significant variances
  • Support the delivery of security risk assessments and 2nd line compliance assurance programmes. Manage security risk register/enterprise security risk profile
  • Support the resolution of cyber security audit actions
  • Support investigation of security breaches and pursue associated forensic analysis, disciplinary and legal matters.
  • Support security governance committee meetings. Prepare management reports, consultative papers and presentation materials
  • Liaise with key stakeholders in information technology regarding information security initiatives
  • Provide guidance, awareness training and advocacy of information security and data privacy across the group
  • Develop relationships with industry partners, law enforcement, regulators and other related government agencies

Job Requirements

  • An intelligent, articulate, consensus building, persuasive individual with highly effective communication skills for delivering information security/data privacy messages to a broad range of technical and non-technical audiences
  • University degree in business, technology, information security, computer science or related fields of study 
  • 6-7 years’ experience in multinational financial institutions or consulting organizations preferred
  • Project management experience and literate in IT risk management, IT risk auditing and/or compliance
  • Strong knowledge in IT environment and security related controls from both a tactical and strategic viewpoint
  • CISSP or other security certification/accreditation preferable 
  • Knowledge of regulatory developments and supervisory practices 
  • Knowledge of NIST Cyber Security Framework (CSF) and/or Identity & Access Management (IAM) technologies and processes advantageous but essential

Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful.  Personal data provided will only be used for the purpose of employment application to HKEX.

Additional Information

Career Level
Middle
Qualification
Degree
Years of Experience
6 years
Job Type
Full Time
Company Website

Company Overview

See Job Description

Additional Company Information