Global Insurer - Associate Director, IT Risk (Urgent)

Luogo: Hong Kong, Hong Kong
Stipendio: Bonus
Postato: giorni 22 fa
Tipologia di contratto: Permanent
Industria: Information & Cyber Security
Nome del contatto: Rita Yu
Contatto email:

Rita Yu

Consultant, APAC

See more of Rita Yu's jobs

Global Insurer - Associate Director, IT Risk (Urgent)

A Successful Candidate will oversee the IT Risk Governance and IT General Controls for the regional office. You will be able to work with the professional team with excellent remuneration package!

Your Responsibilities

  • You be the Head of IT Risk Governance;
  • Leads the engagement with auditors and regulatory changes.
  • Leads the Group Information Security and Technology Risk framework, including supporting eGRC systems.
  • Leads 3rd party governance initiatives including Third Party Security Assessments
  • Leads controls self-assessment for the Regional Technology Function and Business Units as relates to Finance and IT General controls.
  • Drives world class governance practices across the Group to ensure that Technology Risk is identified proactively, and measured effectively across all business units
  • Implements leading Information Security policies and standards
  • Oversees Technology Risk and Control Assessments (ITGC assessments, Technical Risk assessments, Red Team Assessments)
  • Provides effective 'C-suite level' risk reporting to committees and boards
  • Manages a team of information security professionals in HK, China and Malaysia.

Your Requirements

  • Degree in Computer Science or related discipline
  • 10+ years' experience in Information Security /Technology Risk and staff management.
  • Excellent written and verbal communication skills and ability to escalate timely to management.
  • Strong knowledge of Technology Risk Standards and Industry Standards frameworks such as ISO 27001 and NIST.
  • Strong knowledge of regulatory requirements as related to Information Security and Technology Risk
  • Familiarity with information security controls and technical knowledge in areas such as: Infrastructure security, Application Security, Cyber Security, Identity and Access Management
  • Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) preferable.
  • Travel is required.

To quickly apply, please send your CV (in word format) to this email: for a confidential chat.

I lavori simili