Company Introduction: We're home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.
HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."
Job Summary: Lead the IT Risk and Control team to perform the IT 1.5-Line-of-Defense risk and control review and governance.
Job Duties: Responsibilities:
- Lead comprehensive risk assessments within IT frameworks, crafting risk mitigation plans.
- Conduct in-depth reviews of pivotal IT processes to ensure the implementation of strong key controls.
- Proactively pinpoint and address areas of non-compliance and control vulnerabilities, suggesting effective corrective measures.
- Develop and present executive briefings on the latest trends and updates in IT compliance and risk management.
- Guide the IT Compliance and Risk Management team in establishing and upholding rigorous IT policies and standards.
- Formulate an IT compliance review strategy grounded in industry methodologies, standards, and best practices.
- Assess the efficiency and robustness of internal controls, including both general IT and application controls.
- Innovate and deploy automated compliance monitoring tools to streamline compliance analysis.
- Preside over the compliance working group, fostering collaboration with IT teams to rectify control shortcomings.
- Diligently monitor, document, and communicate the advancement of remediation efforts, ensuring transparent management updates.
- Orchestrate a detailed training initiative to bolster the IT risk control proficiency of the workforce.
Requirements:
- A university degree in information technology, information security, or a related discipline.
- A minimum of 13 years of pertinent experience in technology audit, risk, and compliance, with at least 5 years in a leadership capacity.
- Excellent people management skills in managing teams and developing junior staff.
- Expertise in Line 1.5 risk and control management.
- A track record of leading compliance or technology audit teams successfully.
- A comprehensive understanding of risk and control throughout the system development life cycle and essential IT processes.
- Proven success in steering IT compliance programs in a major financial services enterprise.
- The ability to convey complex risk and control concepts and issues eloquently to executive leadership.
- Hands-on experience in implementing technology-driven compliance solutions, such as compliance analytics.
- Relevant professional certifications like CISA, CISSP, etc., are beneficial.
- Outstanding problem-solving, analytical, and communication skills.
- Fluency in both written and spoken English and Chinese.
HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.
Location: HKEX - TKO
Shift: Standard - 40 Hours (Hong Kong SAR)
Scheduled Weekly Hours: 40
Worker Type: Permanent