Key Responsibilities
- Support the identification, assessment, and management of technology and information security risks across critical systems and applications.
- Execute and review technology risk assessments, IT control evaluations, and gap analyses in line with regulatory and internal requirements.
- Assist in the design, implementation, and monitoring of IT general controls (ITGC), application controls, and cybersecurity controls
- Engage with internal stakeholders, technology teams, and business units to provide pragmatic risk advisory and remediation support
- Support regulatory compliance initiatives (e.g. HKMA, SFC, IA, MAS, or equivalent frameworks)
- Contribute to technology risk governance activities including policies, standards, procedures, and risk reporting
- Participate in regulatory reviews and management reviews, including preparation of documentation and responses
- Stay informed of emerging technology risks, cyber threats, and regulatory developments within the financial industry
Requirements
- Bachelor's degree in Information Systems, Computer Science, Risk Management, or a related discipline
- 3+ years of experience in technology risk, IT audit, cyber risk, or technology controls within financial services
- Proficient in written and spoken English and Chinese
- Strong understanding of IT risk and control frameworks
- Familiarity with financial industry regulatory requirements and supervisory expectations
- Professional certifications (e.g. CISA, CISM, CRISC, CISSP) are an advantage.
- Strong analytical, problem-solving, and communication skills
If you're interested in this opportunity, please click "Apply Now" to submit your updated resume, or contact Ms.Christine Lau at Christine.lau@hays.com.hk
