Key elements of the job:

• Work with development and infrastructure teams to identify and enhance IT security control
• Perform regular checking to ensure the compliance with Financial Industrial IT security standard and regulatory requirements
• Participate in security / controls gap analysis to define and implement necessary solutions for compliance purpose
• Support audit engagement and response to the inquiries from regulator and auditor
• Monitor the resolution of audit findings as well as ensure agreed action plans are completed
• Work with Operational Risk, Internal Audit and Compliance Team to analyze new regulatory requirements and work with business units to define and implement necessary processes and technology solutions for compliance purpose
• Promote IT security awareness and apply IT security practice, able to demonstrate adherence to internal control

The ideal candidate:

• University graduate in Computer Science or related disciplines.
• Holder of relevant industry recognized security certifications, e.g. CISSP, CISA, CISM, CRISC, CEH, 
• Minimum 3-5 years' information security experience in  financial institution
• Sound knowledge of regulatory requirements and strong understanding of financial industry
• Strong knowledge of network security, data security and application security
• Knowledge on IT security tools such as Privileges ID Management, Network Security Monitoring, End Point Protection, Security Incident Event Management System and Data Loss Prevention System are desirable
• Proactive, detail-oriented, and strong problem-solving skills with the ability to work independently and as part of a team
• Strong organizational skills and ability to manage multiple demands and changing priorities
• Good command of spoken and written English and Chinese, including Putonghua