Hang Seng Bank Ltd

Chief Information Security Officer

Hang Seng Bank Ltd
Posted on 16-Apr-21

Chief Information Security Officer

Hang Seng Bank Ltd

Job Highlights

  • University degree in a related discipline
  • Over 8 years’ experience in IT security
  • Proficiency in both English and Chinese

Job Description

Information Technology

In Hang Sang Information Technology, we continually improve our capabilities through innovative technologies, delivering a comprehensive range of products and services in meeting changing customer needs.  We enhance customer experience, convenience and choices across our distribution channels, providing secure and engaged offering at individual’s preference and lifestyle expectation.  We advocate creativity and collaboration to unlock the potential of our people, creating an open and progressive workplace.  We develop deep expertise in financial technologies, consulting and partnering with our business in delivering customer centric propositions in an agile manner

We are currently seeking a high caliber professional to join our department as the Chief Information Security Officer.

Principal responsibilities:

  • Leading cybersecurity strategy for the Bank and devising effective governance of information security and data protection, meeting risk appetite of the business and supporting safely our growth agenda
  • Implementing the cybersecurity improvement programme and driving continual enhancement of bank-wide cybersecurity posture and defense
  • Providing cybersecurity consultancy to the business, managing security reviews of new propositions or system changes in ensuring robust design and standards 
  • Designing secure application and effective infrastructure controls, enabling the business to securely adopt emerging technologies and innovation, including digital, data, cloud, AI/MI and other fintech solutions
  • Ensuring cybersecurity compliance of regulatory requirements and Group policies, through exercising strong governance in conjunction with risk and control functions and in active consultation in bank-wide risk forums
  • Promoting secure development in the IT community and integrating cybersecurity practices and tooling effectively into the DevSecOps model
  • Preparing the organisation for cybersecurity incidents with response plan and actively managing the risks and impacts of cybersecurity exceptions and threats
  • Continually raising awareness of cybersecurity importance through regular communication, training and knowledge sharing across all employees, and with attention to special groups like senior management, high risk roles etc.
  • Keeping abreast of latest technological development in cybersecurity and maintaining network of market intelligence with the industry, including banking peers, regulators, law enforcement, technology partners etc.
  • Managing a team of cybersecurity subject matter experts in protecting the Bank and our customers, and enhancing their skills through continuous learning and professional certification​​​​​​​​​​​​​​

Requirements

  • University degree in information technology or related disciplines
  • Over 8 years’ experience in cybersecurity and risk management areas, with professional security management certification e.g. CISSP,CISM,CISA,CRISC etc.
  • Strong technical, development or infrastructure skills and well versed with cybersecurity technology and tooling, inclusive of frameworks and best practices, e.g. ISO/IEC 27001, GASSP, NIST etc
  • People management experience and leadership skills in driving a high performance team
  • Strong communication, analytical, problem solving and stakeholder management skills
  • Past experience in delivering change in agile and devsecops model 
  • Exposure in working with a diverse culture, with international or regional teams
  • Experience in banking or financial services is an advantage
  • Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes

The health and safety of our employees and candidates is very important to us. Due to the current situation related to the Novel Coronavirus (2019-nCoV), we’re leveraging our digital capabilities to ensure we can continue to recruit top talent at the HSBC Group.  As your application progresses, you may be asked to use one of our digital tools to help you through your recruitment journey.  If so, one of our Resourcing colleagues will explain how our video-interviewing technology will be used throughout the recruitment process and will be on hand to answer any questions you might have.

All information provided by applicants will be used only for recruitment purposes and will be used strictly in accordance with the Bank's personal data policies, a copy of which may be obtained by the applicant upon request. Unless otherwise instructed in writing by the applicant concerned, applicants may be considered for other suitable positions within the Bank and its related companies. The personal data of unsuccessful job applicants may be retained for a maximum of two years from the date when the job application is rejected and such data may be retained for a longer period if there is a subsisting reason that obliges the Bank to do so, after which the personal data will be destroyed.

Additional Information

Career Level
Top
Qualification
Degree
Years of Experience
8 years
Job Type
Full Time, Permanent

Company Overview

A Career with Hang Seng Bank

Hang Seng is committed to service excellence. Our people are our most important asset and play a vital role in our efforts to continually enhance our performance for customers and provide best-in-class products and services. We seek to attract high-calibre talent by offering a dynamic working environment, good career development opportunities and competitive compensation packages.

Additional Company Information

Industry
Financial Services