AVP/VP, Technology Risk Management, Information Technology

BOC International - Hong Kong - Full time

Salary: NA

The Role

AVP/VP, Technology Risk Management, Information Technology

Key Accountabilities

  • Risk Governance & Compliance
    • Develop, review, and enforce IT risk management policies, standards, and procedures;
    • Ensure compliance with internal risk policies and regulatory requirements in daily operations;
    • Identify, assess, and mitigate IT risks through proactive monitoring and control measures.
  • Risk Monitoring & Control
    • Conduct risk assessments for IT operations and projects, ensuring proper risk escalation and approval processes.
  • Incident Management & Investigation
    • Lead root cause analysis (RCA) for IT security incidents, assessing impact, accountability, and remediation;
    • Collaborate with IT teams and business units to address risks and implement appropriate actions.
  • Risk Mitigation & Reporting
    • Implement risk controls in alignment with the Three Lines of Defense model;
    • Report risk exposures and mitigation progress to senior management and risk committees.
  • Audits & Regulatory Coordination
    • Manage internal/external IT risk audits, regulatory inspections, and compliance reviews;
    • Drive security action for findings from regulators, internal audits, or major incidents;
    • Prepare regulatory submissions (e.g., risk ratings, incident reports) as required.
  • Security Awareness & Training
    • Develop and deliver cybersecurity training programs to enhance staff awareness;
    • Provide risk updates and recommendations to executive leadership.

Skills & Experience

  • Bachelor's degree or higher in Computer Science, Information Technology, or a related field;
  • 8+ years of experience in information security, technical risk management, or IT auditing;
  • Proficiency in Microsoft Word, PowerPoint, and Excel;
  • Fluent in English, Cantonese, and Mandarin;
  • Strong communication and coordination skills with a proactive work attitude;
  • Professional certifications such as CISA, CISM, CISSP are preferred.

Other Information

  • Please apply in strict confidence with full resume, academic record, current and expected salaries;
  • The personal data provided will be used for consideration of recruitment only. All personal data of unsuccessful candidates will be destroyed within 24 months;
  • Candidates with Enhanced Competency Framework (ECF): please state on the CV.

About BOCI

As a leading investment bank in the China and Hong Kong region and the investment banking arm of Bank of China, BOC International Holdings Limited (“BOCI”) is now seeking highly motivated, creative and success-oriented professionals who would like to pursue a career in our group.


