CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
Perform regular risk monitoring and reporting on changing threat landscape
Support the review and enhancement of controls for existing banking services in mitigating emerging technology, information and cyber risks
Provide risk advisory services, including recommendation of risk mitigation options, on technology, information and cyber risk domains associated with new banking services, fintech initiatives, digital transformation, and regulatory and legal requirements
Plan and deliver the bank-wide technology information and cyber awareness, training and testing program
Organize TICR-related management committees, working groups and risk forums to maintain effective risk governance and oversight
Participate in the assessment of security controls on third parties and outsourced service providers
Keep abreast of new technologies and related risks, industry trends, and regulatory requirements related to technology, information and cyber risk domains
Bachelor Degree or above, preferably in computer science, information security or equivalent
At least 5 years of relevant experience in technology, information or cyber risk management, information security or IT audit in financial services industry
Experienced in performing risk assessment and risk mitigation initiatives, particularly over third parties would be an advantage
Professional certifications in CISA, CRISC, CISM and/or CISSP would be preferred
Sound knowledge of IT risk management, internal controls, information security standards and best practices (e.g. ISO 27001, COBIT, PCI DSS)
Familiar wit legal and regulatory requirements pertaining to technology, information or cyber risk (e.g. HKMA supervisory policies and guidelines, PDPO)
Strong written and communication skills with ability to interact and engage with stakeholders and all levels of management
Proactive, able to work under pressure and meet tight deadlines
Candidate with less experience would be considered as junior level