Information & Cyber Security Risk Management – Director

Job Title: Information & Cyber Security Risk Management – Director
Contract Type: Permanent
Location: Hong Kong
Reference: AF/ICSRM/004
Contact Name: Aily Foo
Contact Email:
Job Published: April 12, 2019 14:59

Job Description

  • Information & Cyber Security Risk Management 
  • Three lines of defence risk model
  • Virtual Bank

Our client, a virtual bank is looking for an Information & Cyber Security Risk Management – Director level to join their company. Candidate who come with fintech background are highly preferable.

Key Responsibilities

  • Direct the design of the Bank’s 1LoD in managing information and cyber security risk, encompassing the areas of strategy, governance, business engagement, policy, risk assessment, and awareness
  • Partner with the Virtual Bank’s Chief Information Security Officer and Information and Cyber Security Specialists to implement first line controls in managing information and cyber security risk
  • Build a strong risk control framework within a fast-paced technology banking environment
  • Design, implement, and monitor healthy first line controls for technology whilst upholding the integrity of technology and operational risk within risk appetite
  • Support the Head of Technology Risk Governance in providing a focal point of managing information and cyber security risk in the virtual bank, including the design of effective controls and the systematic monitoring of risks

Key Requirements

  • Solid experience in information security and risk management
  • Experience in governance, risk management, or operational risk
  • Experience in the three lines of defence risk model
  • Ability to understand and overcome the differences in the risk management of an agile bank compared to a traditional bank
  • A respectful and balanced attitude towards both risk management and business development
  • Excellent communication and organisational skills
  • Certifications in the following areas are desirable, though not mandatory: Certified Information Systems Auditor (CISA); Certified Information Systems Security Professional (CISSP); or other equivalent qualification

For more senior job postings, market Intel and commentary please follow us on LinkedIn, Facebook "Space Executive" and Twitter @spaceexecutive.