CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
Senior Manager, Technology Risk and Information Security
Dah Sing Financial Group
February 4, 2020
About Dah Sing Group The Dah Sing Group is a leading financial services group in Hong Kong offering banking, insurance, financial and other related services through its growing network of over 70 branches in Hong Kong, Macau and Mainland China. Our currency is caring, teamwork and progressiveness. We accept that everyone is unique and different in talent, but alike in the capacity for growth. Our task is to shape a culture that creates a sense of pride in achieving something beyond just a job, and an environment where you can be your true and authentic self, like at home.
Reporting to the Head of Technology Risk & Information Security, you will be responsible for providing information security recommendations and risk assessments; performing regular security assessment and penetration test; governing outsourcing service provider; reviewing and updating Security policy, guidelines and procedures; and promoting security awareness within the Group.
Plan and design security architectures and implement different security solutions to safeguard the bank's network and system
Develop technical requirements and controls for network, system and data security
Provide technical guidance to systems and network team regarding security configurations
Define appropriate framework for cybersecurity monitoring and implement cybersecurity control mechanisms which are consistent with the bank's risk strategy
Manage information system security operations, including security operations performance
Implement general IT risk and control mechanism such as access controls, and IT operations controls
Detect, identify and monitor security vulnerabilities and make recommendations on remediation actions
Act as a focal point for internal/external audit and regulator inspection role over technology risk and information security matters
Taking up the project manager roles on the security related projects.
University graduate in Computer Science / Information Technology or equivalent
Minimum 10 years of relevant work experience in information security / cybersecurity
Banking exposure is essential
One or more certificates listed below:
- ISC2 Certified Information Security Professional (CISSP) - ISACA Certified Information System Auditor (CISA) - ISACA Certified Information Security Manager (CISM) - ISC2 Certified Cloud Security Professional (CCSP)
Solid experience in Microsoft Windows, AIX, Sun Solaris, Linux, CISCO router and switch, F5 ASM/APM/LTM, Checkpoint firewall, Juniper firewall, Trend Micro Deep Security, Splunk, Forcepoint Web Security Gateway, and ForeScout Network Access Control
Solid experience in Windows PowerShell, UNIX shell script and Python
Solid experience in performing vulnerability scanning, and penetration test
Strong information security sense in relation to business requirements
Excellent command of written English
Mature, independent and able to deliver quality results under tight schedule
Good communication and interpersonal skills
Candidates with less experience will be considered as Manager role.
Please note that only shortlisted candidates will be notified.