Duties- Serve a permanent position to a financial institution;
Our Client is a private company jointly owned by the Hong Kong Monetary Authority (HKMA) and The Hong Kong Association of Banks. The key objective of HKICL is to develop and operate a safe and efficient multi-currency and multi-dimensional financial infrastructure in Hong Kong. At present, it operates an integrated financial infrastructure platform for:
Interbank large-value fund transfers denominated in HKD, USD, Euro and RMB;
Interbank money settlement of equity and debt securities transactions in Hong Kong via linkage established with the Hong Kong Securities Clearing Company Limited and Central Moneymarkets Unit (CMU) system;
Interbank small-value fund transfers denominated in HKD and RMB, i.e. the HKD and RMB Faster Payment System;
Interbank clearing and/or money settlement of retail payments in Hong Kong such as paper cheques, autocredits, credit card payments, etc.;
the HKMA's CMU system as a computer operator.
Major Responsibilities:
Manage the company's cyber security posture;
Initiate and develop mitigation actions for any identified improvement areas or adverse trends;
Establish process for cyber threat intelligence collection, analysis and dissemination process;
Conduct cyber resilience related assessments for the company and provide input to risk metrics reporting;
Coordinate and develop cyber resilience strategy for the company, provide interpretation of cyber resilience controls and regulatory requirements, and recommend industry best practices and cyber resilience controls enhancement;
Coordination with relevant parties for preparing cyber security budget;
Manage the Security Operations Center (SOC);
Liaise with internal and external auditors in performing cyber resilience assessment and intelligence-led cyber attack simulation testing (iCAST);
Define the cyber security and resilience requirements, work with relevant parties on architectural design for the projects and on-going enhancements;
Perform any other ad hoc duties or projects as assigned.
Requirements:
University education preferably in information technology, cyber security, computer science or related discipline;
Minimum 6 years of experience in cyber security, technology risk management and auditing;
Good understanding of technology risk management and cyber security best practices, with broad knowledge of cyber risk and security issues, requirement, trends, and data privacy and industry practices;
Familiar with ISO27001 and HKMA CFI 2.0 framework, technology risk management and cyber security related guidelines. Certification of CISA, CISM, CDPSE, CISSP and/or CEH is preferred;
Team player with sound interpersonal and communication skills as well as excellent problem solving and analytical skills;
Good command of written and spoken English and Chinese;
Good presentation, documentation and report writing skills;
Candidates with more experience may be considered for the position of Senior Manager (Cyber Resilience).
Work Outside Current Location:N/A
Last Update:08 Oct 2024
Apply To:******
Direct Line:3978 8012#J-18808-Ljbffr