Information Assurance Manager
Salary HKD60,000 - HKD70,000 per month
Location Hong Kong IslandFULL_TIME
Consultant June Tam
Date posted 08 May 20192019-05-08 2019-07-07 it 41 Connaught Road Central Hong Kong Robert Walters
A prestige insurance group is looking for an experienced Information Risk Manager to join their global risk team. This is a 2nd line of defence position collaborating with IT, Operations and Compliance team. Candidates with IT and audit background will be shortlisted first.
About the role :
- Conduct risk review and root cause analysis of control testing failures in collaboration with 1st line teams.
- Conduct risk review as necessary for control exception requests in collaboration with 1st line teams.
- Identify control failures through review of Incidents in collaboration with 1st line teams.
- Identify control failures through review of Key Risk Indicators in collaboration with 1st line teams.
- Execute 2nd Line Information Risk challenge activities for Significant Projects & Vendors including independent assessment and review of 1st Line risk assessment work.
- Execute 2nd Line Top Down Risk and Control Assessment with supported service areas. Take on additional responsibilities as necessary.
About the person:
- 5 years or more of progressive information risk management experience in one or more disciplines: project/vendor risk assessment, network security, infrastructure/platform security, data/application security, vulnerability/patch management, IT auditing, IT risk and control assessments, and business continuity/disaster recovery planning.
- Professional certification or designation in information security, IT auditing, business continuity and/or disaster recovery a plus, but not a requirement.
- Excellent communication skills (oral and written) including presentation skills with demonstrated ability to present at all organisational levels.
- Experience different quantitative risk management frameworks is a plus
- Innovative problem-solving skills with proven ability to exercise flexibility and judgement.
- Ability to learn, know and act upon what is important to the firm and the specific service areas you support.
- Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors.
This role sits within the group information risk management team which is responsible to drive strategies and collaborates with group level stakeholders.