NP Solution Limited

Information Security / Technology Risk Managers ( 2 Positions )

NP Solution Limited
Salary provided
Posted on 08 Apr 2021

Information Security / Technology Risk Managers ( 2 Positions )

NP Solution Limited

Job Highlights

  • University graduate in Computer Science
  • 5 years at managerial level
  • Holder of CRISC / CISA / CISM / CISSP

Job Description

Job 1: Information Security Manager (R&C) (Cybersecurity) - HK Listed Bank
  • To lead a team to conduct threat intelligence analysis and suggest necessary controls to mitigate security risks to the Bank
  • To perform threat hunting to detect anomalous behaviors over the network and endpoints so as to reduce impact to the Bank
  • To work collaboratively with corporate risk and compliance, internal audit and various technical teams in the design and implementation of audit, risk assessment and regulatory compliance practices for the department
  • To conduct research for current and emerging threats and analyze various threat intelligence and suggest actionable information to mitigate risks
  • To discuss with external research analysts in understanding cyber security perspective and propose necessary controls for the Bank

  • University graduate in Computer Science or a related discipline
  • Minimum 10 years’ working experience in IT sector covering the followings with at least 5 years in management role in technology audit or cyber and information security
  • Certified in CISSP, CISA or related professional certification
  • Sound knowledge in IT security services
  • Good project management and leadership skills and risk awareness
  • Excellent analytical mindset
  • Strong interpersonal skills and collaboration ability
  • Good command of both written and spoken English and Chinese, fluent in Putonghua is preferable

Job 2: Technology Risk Manager - Financial Institute

  • Manage technological risk by ensuring controls are properly designed, implemented and operated as intended in meeting various international / domestic standards and regulatory requirements
  • Develop and maintain corporate-wide technology risk management framework, policy, guideline, standard, and operation procedures with reference to applicable best practices
  • Define technology risk indicators; collect, analyse and interpret the corresponding statistics for assisting senior management in overseeing technology risk
  • Identify control gaps, review the residual risk level and make recommendation for risk treatment
  • Recommend technology risk and security control measures and monitor the implementation for major projects
  • Analyse security events for detection, investigation and response to potential security issue
  • Maintain and monitor appropriate computer and network access controls, data, and physical security to ensure no security exposure
  • Promote security awareness for all level of staff members
  • Perform other duties as assigned by supervisor(s)

  • University degree preferably in information technology or related discipline
  • Minimum 7 years of experience in technology risk / information security with in-depth exposure to system, network and application security, and production control methodologies, with at least 3 years’ experience at managerial level
  • Expertise in security practices and standards commonly adopted by the banking/financial industry such as the Cyber Resilience Assessment Framework (C-RAF), ISO27001 standard, etc.
  • Team player with sound interpersonal, communication and presentation skills as well as excellent problem solving and analytical skills
  • Holder of security certificates - CRISC, CISA, CISM, CISSP or other equivalent certificates is preferred
  • Good command of written and spoken English and Chinese, proficiency in Putonghua is an advantage
  • Familiar with computer audit, ethical hacking methodologies and/or knowledge in SWIFTNet security standard would be an advantage

All information provided will be treated in strict confidence and used solely for recruitment purpose.

For more job opportunities, please visit our website:

Additional Information

Career Level
Years of Experience
8 years
Job Type
Full Time
Company Website

Company Overview

Our client is now looking for dynamic candidates to join their team as the following role.

Interested parties please send your detailed resume with current and expected salary in Microsoft Word format to (Please quote reference number in your job application).

Additional Company Information

Benefits & Others
Five-day work week, Performance bonus