Global Insurer - Associate Director, IT Risk (Urgent)

Job Title: Global Insurer - Associate Director, IT Risk (Urgent)
Contract Type: Permanent
Location: Hong Kong, Hong Kong
Salary: Bonus
REF: 24052019_1558685626
Contact Name: Rita Yu
Contact Email:
Job Published: 5 months ago

Job Description

A Successful Candidate will oversee the IT Risk Governance and IT General Controls for the regional office. You will be able to work with the professional team with excellent remuneration package!

Your Responsibilities

  • You be the Head of IT Risk Governance;
  • Leads the engagement with auditors and regulatory changes.
  • Leads the Group Information Security and Technology Risk framework, including supporting eGRC systems.
  • Leads 3rd party governance initiatives including Third Party Security Assessments
  • Leads controls self-assessment for the Regional Technology Function and Business Units as relates to Finance and IT General controls.
  • Drives world class governance practices across the Group to ensure that Technology Risk is identified proactively, and measured effectively across all business units
  • Implements leading Information Security policies and standards
  • Oversees Technology Risk and Control Assessments (ITGC assessments, Technical Risk assessments, Red Team Assessments)
  • Provides effective 'C-suite level' risk reporting to committees and boards
  • Manages a team of information security professionals in HK, China and Malaysia.

Your Requirements

  • Degree in Computer Science or related discipline
  • 10+ years' experience in Information Security /Technology Risk and staff management.
  • Excellent written and verbal communication skills and ability to escalate timely to management.
  • Strong knowledge of Technology Risk Standards and Industry Standards frameworks such as ISO 27001 and NIST.
  • Strong knowledge of regulatory requirements as related to Information Security and Technology Risk
  • Familiarity with information security controls and technical knowledge in areas such as: Infrastructure security, Application Security, Cyber Security, Identity and Access Management
  • Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) preferable.
  • Travel is required.

To quickly apply, please send your CV (in word format) to this email: for a confidential chat.