Information Systems Security Manager (TISO)
Description - Review and enforce information security policy, standards and guidelines for IT business application and infrastructure projects
- Identify IT security risks including IT business application and infrastructure projects
- Conduct security assessments for business application, infrastructure projects and third-party service providers
- Undertake new security projects to improve the security controls, efficiency and ease of use
- Perform process re-engineering and efficiency improvement for the team
#LI-LJY
Qualifications Job Qualifications - Degree in Computer Science or equivalent.
- Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Risk and Information System Control, Certified Ethical Hacker, will be desired.
- Independent and able to perform tasks with minimum supervision.
- Excellent communication and interpersonal skills with good command of English.
- Have a very strong commitment to personal development and drive to develop oneself technically and professionally.
- Knowledgeable in IT controls, application security and risk management methodology.
- Competent in conducting infrastructure, application and third-party security risk assessment.
- Familiarity in Digital Banking and FinTech solutions will be an advantage.
- Has in-depth knowledge of information security risks, concepts of new technologies, such as blockchain, cloud, mobile payment, Hadoop, etc.
- Knowledgeable with cryptographic algorithm/functions and key management.
- Knowledgeable in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc, guidelines and regulatory notices.
- Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage.
- Knowledgeable with application development experience and programming/coding will be an advantage .
