Job title: Specialist I (Information Security)
Company: Hong Kong Interbank Clearing Limited
Job description: Hong Kong Interbank Clearing Limited (HKICL) is a private company jointly owned by the Hong Kong Monetary Authority (HKMA) and The Hong Kong Association of Banks. The key objective of HKICL is to develop and operate a safe and efficient multi-currency and multi-dimensional financial infrastructure in Hong Kong. At present, it operates an integrated financial infrastructure platform for:
- interbank large-value fund transfers denominated in HKD, USD, Euro and RMB;
- interbank money settlement of equity and debt securities transactions in Hong Kong via linkage established with the Hong Kong Securities Clearing Company Limited and Central Moneymarkets Unit (CMU) system;
- interbank small-value fund transfers denominated in HKD and RMB, i.e. the HKD and RMB Faster Payment System;
- interbank clearing and/or money settlement of retail payments in Hong Kong such as paper cheques, autocredits, credit card payments, etc.; and
- the HKMA’s CMU system as a computer operator.
Major Responsibilities
- Participate in the development and maintenance of corporate-wide information security framework, policy, guideline, standard, and operation procedures with reference to ISO27001 standard and applicable best practices;
- Perform day-to-day security administration and operation including but not limited to management of end users and privileged accounts, keys and certificates, review of security logs, performance of technical vulnerability assessment and penetration testing as well as handling of security incidents, etc.;
- Assess and recommend information security control measures, as well as monitor the implementation for major projects;
- Participate in the implementation of security solutions and infrastructure collaborating with internal teams and external service providers;
- Monitor and analyse security events for detection, investigation and response to potential security issue;
- Maintain and monitor appropriate computer and network access controls, data, and physical security to ensure no security exposure;
- Participate in cyber threat intelligence analysis when required
- Assist to define information security risk indicators; collect, analyse and interpret the corresponding statistics for assisting senior management in overseeing information security risk;
- Identify control gaps, review the residual risk level and make recommendation for risk treatment;
- Interpret security key risk statistics for reporting to senior management on regular basis
- Promote security awareness and ensure compliance with applicable security standards
- Review and make recommendation on using of Open Source Software (OSS) and freeware
- Execute security operation procedures in accordance with the corporate information security policy and guidelines when required
- Keep abreast of technological knowledge in managed area of responsibility, and provide recommendations for adaptation of new security technologies and standard with reference to prevailing industry best practices
- Perform other job duties as assigned by the supervisors
Requirements
- University degree preferably in information technology, information security or related discipline
- Minimum 4 years of experience in information security or related field
- Knowledge in security practices and standards commonly adopted by the banking/financial industry such as the Cyber Resilience Assessment Framework (C-RAF), SWIFT Customer Security Controls Framework (CSCF), ISO27001 standard, etc. is an advantage;
- Team player with sound interpersonal, communication and presentation skills as well as excellent problem solving and analytical skills;
- Holder of security certificates – CRISC, CISA, CISM, CISSP or other equivalent certificates is an advantage
- Experience and knowledge in the area of public and/or private cloud security is an advantage
- Practical experience and knowledge in risk management framework and methodology is desirable
- Experience in working for major financial institutions is preferred but not a must
- Good command of written and spoken English and Chinese
- Willing to work shift duty (evening shift normally from 12:30 to 21:30 with shift duty allowance)
- Candidate from non-financial industries will also be considered
- Candidate with less experience may be considered for appointment as Specialist II (Information Security)
How to ApplyInterested parties please send your curriculum vitae stating your current and expected salaries, and contact phone number to the Human Resources Division, Unit B, 25/F, MG Tower, 133 Hoi Bun Road, Kwun Tong, Kowloon or by clicking the ” APPLY NOW ” button below:All applications and personal information collected will be treated in strict confidence and only be used for the purpose of recruitment and selection. The information collected will be accessed by our authorized personnel only. Those applicants not contacted by the Human Resources Division within two months from their application date should consider their applications filed for future reference which will be retained for one year for possible future job matching, and destroyed after the expiry of one year.All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.
Expected salary:
Location: Ngau Tau Kok, Hong Kong
Job date: Wed, 13 Nov 2024 08:19:16 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnear.pro) you saw this job posting.Thanks&Good Luck