Head of Information Security- Financial Institution
IT / Technology
Posted 5 months ago
- Leading cybersecurity strategy for the firm and devising effective governance of information security and data protection, meeting risk appetite of the business and supporting safely our growth agenda
- Implementing the cybersecurity improvement programme and driving continual enhancement of bank-wide cybersecurity posture and defense
- Providing cybersecurity consultancy to the business, managing security reviews of new propositions or system changes in ensuring robust design and standards
- Designing secure application and effective infrastructure controls, enabling the business to securely adopt emerging technologies and innovation, including digital, data, cloud, AI/MI and other fintech solutions
- Ensuring cybersecurity compliance of regulatory requirements and Group policies, through exercising strong governance in conjunction with risk and control functions and in active consultation in bank-wide risk forums
- Promoting secure development in the IT community and integrating cybersecurity practices and tooling effectively into the DevSecOps model
- Preparing the organisation for cybersecurity incidents with response plan and actively managing the risks and impacts of cybersecurity exceptions and threats
- Continually raising awareness of cybersecurity importance through regular communication, training and knowledge sharing across all employees, and with attention to special groups like senior management, high risk roles etc.
- Keeping abreast of latest technological development in cybersecurity and maintaining network of market intelligence with the industry, including peers, regulators, law enforcement, technology partners etc.
- Managing a team of cybersecurity subject matter experts in protecting the firm and our customers, and enhancing their skills through continuous learning and professional certification
- University degree in information technology or related disciplines
- Over 8 years’ experience in cybersecurity and risk management areas, with professional security management certification e.g. CISSP,CISM,CISA,CRISC etc.
- Strong technical, development or infrastructure skills and well versed with cybersecurity technology and tooling, inclusive of frameworks and best practices, e.g. ISO/IEC 27001, GASSP, NIST etc
- People management experience and leadership skills in driving a high performance team
- Strong communication, analytical, problem solving and stakeholder management skills
- Past experience in delivering change in agile and devsecops model
- Exposure in working with a diverse culture, with international or regional teams
- Experience in banking or financial services is an advantage
- Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes
Interested candidates kindly forward your Cv to [email protected]