Head of Information Security- Financial Institution

IT / Technology
Hong Kong
Posted 8 months ago
  • Leading cybersecurity strategy for the firm and devising effective governance of information security and data protection, meeting risk appetite of the business and supporting safely our growth agenda
  • Implementing the cybersecurity improvement programme and driving continual enhancement of bank-wide cybersecurity posture and defense
  • Providing cybersecurity consultancy to the business, managing security reviews of new propositions or system changes in ensuring robust design and standards 
  • Designing secure application and effective infrastructure controls, enabling the business to securely adopt emerging technologies and innovation, including digital, data, cloud, AI/MI and other fintech solutions
  • Ensuring cybersecurity compliance of regulatory requirements and Group policies, through exercising strong governance in conjunction with risk and control functions and in active consultation in bank-wide risk forums
  • Promoting secure development in the IT community and integrating cybersecurity practices and tooling effectively into the DevSecOps model
  • Preparing the organisation for cybersecurity incidents with response plan and actively managing the risks and impacts of cybersecurity exceptions and threats
  • Continually raising awareness of cybersecurity importance through regular communication, training and knowledge sharing across all employees, and with attention to special groups like senior management, high risk roles etc.
  • Keeping abreast of latest technological development in cybersecurity and maintaining network of market intelligence with the industry, including peers, regulators, law enforcement, technology partners etc.
  • Managing a team of cybersecurity subject matter experts in protecting the firm and our customers, and enhancing their skills through continuous learning and professional certification​​​​​​​​​​​​​​



  • University degree in information technology or related disciplines
  • Over 8 years’ experience in cybersecurity and risk management areas, with professional security management certification e.g. CISSP,CISM,CISA,CRISC etc.
  • Strong technical, development or infrastructure skills and well versed with cybersecurity technology and tooling, inclusive of frameworks and best practices, e.g. ISO/IEC 27001, GASSP, NIST etc
  • People management experience and leadership skills in driving a high performance team
  • Strong communication, analytical, problem solving and stakeholder management skills
  • Past experience in delivering change in agile and devsecops model 
  • Exposure in working with a diverse culture, with international or regional teams
  • Experience in banking or financial services is an advantage
  • Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes

Interested candidates kindly forward your Cv to [email protected]

Apply Online

A valid email address is required.