Information Assurance Manager
Salary Attractive Package + Bonus
Location Hong Kong IslandFULL_TIME
Consultant June Tam
Date posted 09 May 20192019-05-09 2019-07-08 it 41 Connaught Road Central Hong Kong Robert Walters
This is a 2nd line of defense Information Risk Management role. This will involve collaboration and partnership with 1st line of defense IT Governance, IT Teams, ORM (Operational Risk Management), Global Compliance, 2nd line Controls Assurance team and 2nd line Centre of Excellence teams.
About the role :
- Conduct risk review and root cause analysis of control testing failures in collaboration with 1st line teams.
- Conduct risk review as necessary for control exception requests in collaboration with 1st line teams.
- Identify control failures through review of Incidents in collaboration with 1st line teams.
- Identify control failures through review of Key Risk Indicators in collaboration with 1st line teams.
- Execute 2nd Line Information Risk challenge activities for Significant Projects & Vendors including independent assessment and review of 1st Line risk assessment work.
- Execute 2nd Line Top Down Risk and Control Assessment with supported service areas. Take on additional responsibilities as necessary.
About the person:
- 5 years or more of progressive information risk management experience in one or more disciplines: project/vendor risk assessment, network security, infrastructure/platform security, data/application security, vulnerability/patch management, IT auditing, IT risk and control assessments, and business continuity/disaster recovery planning.
- Professional certification or designation in information security, IT auditing, business continuity and/or disaster recovery a plus, but not a requirement.
- Excellent communication skills (oral and written) including presentation skills with demonstrated ability to present at all organisational levels.
- Experience different quantitative risk management frameworks is a plus
- Innovative problem-solving skills with proven ability to exercise flexibility and judgement.
- Ability to learn, know and act upon what is important to the firm and the specific service areas you support.
- Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors.
This role sits within the group information risk management team which is responsible to drive strategies and collaborates with group level stakeholders.