188 Data Protection jobs in Hong Kong

Join to apply for the Consultant / Senior Consultant, Data Privacy and Protection, Technology Consulting role at KPMG China

1 year ago Be among the first 25 applicants

Join to apply for the Consultant / Senior Consultant, Data Privacy and Protection, Technology Consulting role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.

Service Line Overview

At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.

KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.

We are now seeking Consultant / Senior Consultant candidates for Data Privacy and Protection Governance Team.



Key Responsibilities

• Assess risks, identify gaps and provide advice on data protection and privacy for our client
• Evaluate data privacy and data protection practices of our clients
• Conduct Privacy Impact Assessments
• Support in deploying processes to manage privacy matters and stay compliant with relevant regulations
• Support data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
• Assist in identifying and communicating engagement findings
• Simultaneously work on multiple client engagements of varying size, scope and complexity
• Conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
• Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
• Work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
• Support in preparing of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
  
  
  

• Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
• Privacy and data protection certifications preferred (e.g. CIPP, CIPM, CIPT, CDPSE)
• Minimum of 2 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
• Candidate with less experience will be considered as Consultant
• Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
• Understanding of data privacy, confidentiality and data protection from a process and risk perspective
• Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
• Experience with usage or implementation of privacy tools preferred
• Appetite to develop your privacy skills further
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
• Strong client services orientation and accustomed to taking an active role in executing client engagements
  
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Consulting, Information Technology, and Sales
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

Wan Chai District, Hong Kong SAR 1 week ago

Eastern District, Hong Kong SAR 1 month ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China

1 year ago Be among the first 25 applicants

Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.
Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
We are now seeking Manager and Associate Director candidates for Data Privacy and Protection Team.
Key Responsibilities

• Lead the team to assess risks, identify gaps and provide advice on data protection and privacy for our client
• Evaluate data privacy and data protection practices of our clients
• Develop and manage relationships, and meet with relevant data protection and privacy, and security stakeholders within our clients
• Conduct Privacy Impact Assessments
• Deploy processes to manage privacy matters and stay compliant with relevant regulations
• Collaborate data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
• Identify and communicate engagement findings to management and client personnel
• Simultaneously work on multiple client engagements of varying size, scope and complexity
• Collaborate in advising the team to conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
• Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
• Lead a team to work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
• Drive preparation of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
  

• Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
• Technology related qualification holder on Privacy and data protection certifications will be preferrable (e.g. CIPP, CIPM, CIPT, CDPSE)
• Minimum of 5 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
• Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
• Understanding of data privacy, confidentiality and data protection from a process and risk perspective
• Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
• Experience with usage or implementation of privacy tools preferred
• Appetite to develop your privacy skills further
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
• Strong client services orientation and accustomed to taking an active role in executing client engagements
• Candidate with less experience will be considered as Manager
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

Wan Chai District, Hong Kong SAR 1 month ago

Islands District, Hong Kong SAR 2 months ago

Sha Tin District, Hong Kong SAR 2 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Consultant / Senior Consultant, Data Privacy and Protection, Technology Consulting role at KPMG China

1 year ago Be among the first 25 applicants

Join to apply for the Consultant / Senior Consultant, Data Privacy and Protection, Technology Consulting role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.
Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
We are now seeking Consultant / Senior Consultant candidates for Data Privacy and Protection Governance Team.
Key Responsibilities

• Assess risks, identify gaps and provide advice on data protection and privacy for our client
• Evaluate data privacy and data protection practices of our clients
• Conduct Privacy Impact Assessments
• Support in deploying processes to manage privacy matters and stay compliant with relevant regulations
• Support data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
• Assist in identifying and communicating engagement findings
• Simultaneously work on multiple client engagements of varying size, scope and complexity
• Conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
• Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
• Work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
• Support in preparing of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
  

• Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
• Privacy and data protection certifications preferred (e.g. CIPP, CIPM, CIPT, CDPSE)
• Minimum of 2 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
• Candidate with less experience will be considered as Consultant
• Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
• Understanding of data privacy, confidentiality and data protection from a process and risk perspective
• Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
• Experience with usage or implementation of privacy tools preferred
• Appetite to develop your privacy skills further
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
• Strong client services orientation and accustomed to taking an active role in executing client engagements
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Consulting, Information Technology, and Sales
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

Wan Chai District, Hong Kong SAR 1 week ago

Eastern District, Hong Kong SAR 1 month ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Manager, Risk Management role at AEON Credit Service (Asia) Co., Ltd.

1 week ago Be among the first 25 applicants

Join to apply for the Manager, Risk Management role at AEON Credit Service (Asia) Co., Ltd.

Direct message the job poster from AEON Credit Service (Asia) Co., Ltd.

Company Overview

• AEON Credit Service (Asia) Co., Ltd was established in 1990 and listed on the Main Board of Hong Kong Stock Exchange since 1995 (stock code: 900).
• One of the major players in the credit card market in Hong Kong.
• We are a member of AEON Group, a Fortune Global 500 company.

We offer:

• 5-day work week
• Group medical, dental, body check, group life, accidental & travel insurance coverage insurance coverage
• Competitive annual leave package
• Competitive pay and Discretionary bonus
• Friendly working environment with dynamic and talented team members
• Learning and development opportunities
• Smart and casual attire (Monday to Friday)
• Convenient office located near Tsim Sha Tsui MTR station

Responsibilities:

• Support the Company’s integrated management of various types of risks under enterprise risk management framework.
• Advising on improvements to corporate governance, enterprise risk management and internal controls, and the monitoring of their effectiveness and adequacy.
• In charge of operational risk events management, through investigation of root causes and advising on preventive measures.
• In charge of risk management related projects, e.g. BCP implementation, drill coordination, new products/services risk analysis, etc.
• Provide support in risk management related matters, including regular meeting documentations preparation, risk control self-assessment, reporting to top management, etc.
• Assist the department for any other risk management functions, e.g. regular review and update of relevant risk-related policies and regulations, and give comments with regards to other risk-related operation manual/procedures; and any other ad hoc tasks assigned.

Requirements:

• Degree holder or other relevant qualifications, preferably majoring in business studies.
• 5 years of relevant experience in financial institutions, with payment companies, card associations, listed companies with ERM experiences are an advantage.
• Experience in risk management and operation control, with security management is an advantage.
• Proficient in both written and spoken English and Chinese (Cantonese and Mandarin).
• Immediate availability is preferred.

Interested parties please send your application with updated CV, notice period, current and expected salaries to

Information on Collection of Personal Data & Application

Our company is an equal opportunities employer and welcome application from all qualified candidates.

All personal data collected will be kept confidential, and will be used for recruitment purpose only.

It is our policy to retain personal data of unsuccessful applicants for future recruitment purposes within our Company, its subsidiary or associated companies for a period of six months. This retention of your personal data in the said period allows us to consider your suitability of other roles that may arise during this time. We may transfer your personal data to the said companies for such recruitment consideration.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Other, Accounting/Auditing, and General Business
• Industries Financial Services and Insurance

Referrals increase your chances of interviewing at AEON Credit Service (Asia) Co., Ltd. by 2x

Get notified about new Manager Risk Management jobs in Kowloon, Hong Kong SAR .

Kwun Tong District, Hong Kong SAR 4 months ago

Kwun Tong District, Hong Kong SAR 1 month ago

Kwun Tong District, Hong Kong SAR 3 months ago

Tsim Sha Tsui, Hong Kong SAR 10 hours ago

Kowloon City District, Hong Kong SAR 1 week ago

Kwun Tong District, Hong Kong SAR 1 month ago

Kowloon City District, Hong Kong SAR 2 weeks ago

Kowloon City District, Hong Kong SAR 5 hours ago

Kwun Tong District, Hong Kong SAR 3 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

1. Review and assess credit facility & trading limits applications.

2. Monitor the credit risks of margin financing portfolios, ensure margin control actions & procedures are performed in a timely manner.

3. Review and enhance margin financing business Risk Management Policy & Guideline.

4. Participating in HQ’s and Department’s reports preparation.

5. Participating in market risk identification, measurement and monitoring.

6. Carrying out other tasks assigned by management.

Requirements:

1. Bachelor’s degree or above, major in economics, finance, science and engineering and other related areas.

2. 3-5 years' working experience in risk management and credit control in securities firms, with keen interest in the equity and fixed income markets.

3. Clear logical thinking and strong data compilation and analysis capabilities.

4. Strong learning ability, serious work attitude, meticulous, and strong sense of responsibility.

5. Excellent presentation and communication skills.

6. Preference will be given to applicants who have passed CFA, FRM and/or other relevant qualifications.

We offer competitive remuneration packages to the successful candidates. Interested candidates may send us your detailed resume with current & expected salary and availability.

All information collected will be kept in strict confidence and will be used for recruitment purpose only.

• Seniority level Associate

• Employment type Full-time

• Job function Finance
• Industries Investment Banking

Referrals increase your chances of interviewing at CCB International (Holdings) Limited by 2x

Get notified about new Risk Analyst jobs in Hong Kong, Hong Kong SAR .

Eastern District, Hong Kong SAR 3 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

1. Review and assess credit facility & trading limits applications.

2. Monitor the credit risks of margin financing portfolios, ensure margin control actions & procedures are performed in a timely manner.

3. Review and enhance margin financing business Risk Management Policy & Guideline.

4. Participating in HQ’s and Department’s reports preparation.

5. Participating in market risk identification, measurement and monitoring.

6. Carrying out other tasks assigned by management.

Requirements:

1. Bachelor’s degree or above, major in economics, finance, science and engineering and other related areas.

2. 3-5 years' working experience in risk management and credit control in securities firms, with keen interest in the equity and fixed income markets.

3. Clear logical thinking and strong data compilation and analysis capabilities.

4. Strong learning ability, serious work attitude, meticulous, and strong sense of responsibility.

5. Excellent presentation and communication skills.

6. Preference will be given to applicants who have passed CFA, FRM and/or other relevant qualifications.

We offer competitive remuneration packages to the successful candidates. Interested candidates may send us your detailed resume with current & expected salary and availability.

All information collected will be kept in strict confidence and will be used for recruitment purpose only.

• Seniority level Associate

• Employment type Full-time

• Job function Finance
• Industries Investment Banking

Referrals increase your chances of interviewing at CCB International (Holdings) Limited by 2x

Get notified about new Risk Analyst jobs in Hong Kong, Hong Kong SAR .

Eastern District, Hong Kong SAR 3 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Manager, Risk Management role at AEON Credit Service (Asia) Co., Ltd.

1 week ago Be among the first 25 applicants

Join to apply for the Manager, Risk Management role at AEON Credit Service (Asia) Co., Ltd.

Direct message the job poster from AEON Credit Service (Asia) Co., Ltd.

Company Overview

• AEON Credit Service (Asia) Co., Ltd was established in 1990 and listed on the Main Board of Hong Kong Stock Exchange since 1995 (stock code: 900).
• One of the major players in the credit card market in Hong Kong.
• We are a member of AEON Group, a Fortune Global 500 company.

We offer:

• 5-day work week
• Group medical, dental, body check, group life, accidental & travel insurance coverage insurance coverage
• Competitive annual leave package
• Competitive pay and Discretionary bonus
• Friendly working environment with dynamic and talented team members
• Learning and development opportunities
• Smart and casual attire (Monday to Friday)
• Convenient office located near Tsim Sha Tsui MTR station

Responsibilities:

• Support the Company’s integrated management of various types of risks under enterprise risk management framework.
• Advising on improvements to corporate governance, enterprise risk management and internal controls, and the monitoring of their effectiveness and adequacy.
• In charge of operational risk events management, through investigation of root causes and advising on preventive measures.
• In charge of risk management related projects, e.g. BCP implementation, drill coordination, new products/services risk analysis, etc.
• Provide support in risk management related matters, including regular meeting documentations preparation, risk control self-assessment, reporting to top management, etc.
• Assist the department for any other risk management functions, e.g. regular review and update of relevant risk-related policies and regulations, and give comments with regards to other risk-related operation manual/procedures; and any other ad hoc tasks assigned.

Requirements:

• Degree holder or other relevant qualifications, preferably majoring in business studies.
• 5 years of relevant experience in financial institutions, with payment companies, card associations, listed companies with ERM experiences are an advantage.
• Experience in risk management and operation control, with security management is an advantage.
• Proficient in both written and spoken English and Chinese (Cantonese and Mandarin).
• Immediate availability is preferred.

Interested parties please send your application with updated CV, notice period, current and expected salaries to

Information on Collection of Personal Data & Application

Our company is an equal opportunities employer and welcome application from all qualified candidates.

All personal data collected will be kept confidential, and will be used for recruitment purpose only.

It is our policy to retain personal data of unsuccessful applicants for future recruitment purposes within our Company, its subsidiary or associated companies for a period of six months. This retention of your personal data in the said period allows us to consider your suitability of other roles that may arise during this time. We may transfer your personal data to the said companies for such recruitment consideration.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Other, Accounting/Auditing, and General Business
• Industries Financial Services and Insurance

Referrals increase your chances of interviewing at AEON Credit Service (Asia) Co., Ltd. by 2x

Get notified about new Manager Risk Management jobs in Kowloon, Hong Kong SAR .

Kwun Tong District, Hong Kong SAR 4 months ago

Kwun Tong District, Hong Kong SAR 1 month ago

Kwun Tong District, Hong Kong SAR 3 months ago

Tsim Sha Tsui, Hong Kong SAR 10 hours ago

Kowloon City District, Hong Kong SAR 1 week ago

Kwun Tong District, Hong Kong SAR 1 month ago

Kowloon City District, Hong Kong SAR 2 weeks ago

Kowloon City District, Hong Kong SAR 5 hours ago

Kwun Tong District, Hong Kong SAR 3 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from DBS Bank

Business Function:

Risk Management Group (RMG) is responsible for the development and maintenance of risk management and internal control frameworks. We provide independent review and challenge to business to ensure that appropriate balance is considered in risk/return decisions. In addition, RMG is responsible for the monitoring and reporting on key risk issues of the Bank. To manage risk effectively and deliver strong financial performance, we invest significantly in our people and infrastructure.

Job Purpose:

As the Country Head of Technology Risk Management in DBS, you will be responsible for overseeing the country’s technology risk management function. This pivotal role involves identifying, assessing, and managing technology-related risks (including Gen AI and Data Governance) to ensure the bank's information technology infrastructure and systems are secure, reliable, and compliant with regulatory standards. This position reports directly to Senior Risk Executive to ensure that the 2nd line of defence can provide a supplementary viewpoint in the risk assessment when issues arise. By leading a team of risk management professionals, you will play a crucial role in safeguarding the bank's reputation, assets, and customer data against potential technological threats and vulnerabilities.

Responsibilities:

Risk Assessment and Management

• Identify, evaluate, and prioritize potential technology-related risks across the bank's IT environment in accordance to the Group’s technology risk management framework
• Conduct regular risk assessments to evaluate the effectiveness of existing controls and identify areas for improvement
• Collaborate with other departments, such as IT, cybersecurity, compliance, and business units, to ensure a coordinated approach to technology risk management

Technology Policy and Standards

• Implement governance around key processes, and adequacy of frameworks and policies for technology risk management and ensure these are aligned with industry best practices and regulatory requirements
• Ensure compliance with relevant laws, regulations, and internal policies relating to technology risk management

Incident Response and Crisis Management

• Develop and execute incident response plans to handle technology-related incidents, including cyberattacks, data breaches, system failures, and other IT-related disruptions.
• Lead the response and recovery efforts during crisis situations to minimize the impact on the bank's operations and customers

Risk Mitigation and Control Implementation

• Propose and implement risk mitigation strategies to reduce the bank's exposure to potential technology risks
• Monitor the implementation and effectiveness of controls and measures to safeguard the bank's technology assets and data

Reporting and Communication

• Prepare regular risk reports for senior management and the board of directors, highlighting key technology risk issues, trends, and remediation actions
• Communicate risk-related matters to various stakeholders, including executive management, business units, auditors, and regulatory bodies

Emerging Technology Risk Analysis

• Stay up-to-date with the latest technological advancements and industry trends to identify and assess potential risks associated with new technologies
• Advise on the adoption of emerging technologies with a focus on managing associated risks effectively

Alert Monitoring and Stress Testing

• Work with Line 1 (first line of defence) to determine the threshold standard to monitor alerts. Challenge the LOBTs on the monitoring and define scenarios for stress-testing. Monitor and ensure all flagged issues are tracked to closure
• Participate in stress testing for various disaster recovery scenarios on an adhoc or periodic basis, taking a more thoughtful view at a higher level of what should be tested, including (i) observability (figure out what is happening e.g. is system available/working ok) (ii) scenarios for disaster recovery, and (iii) potential thought experiments (what happens in certain scenarios and whether these scenarios have been tested)

Team Leadership and Development

• Recruit, train, and lead a team of technology risk professionals, ensuring they have the necessary skills and knowledge to perform their roles effectively
• Foster a culture of risk awareness and compliance within the team and across the bank

Requirements:

• Bachelor's or Master's degree in Information Technology, Computer Science, Risk Management, or a related field
• Significant experience in technology risk management, information security, IT auditing, or a related discipline, preferably within the financial services industry
• Proven leadership and management experience, with the ability to guide and motivate a team effectively
• Strong understanding of IT infrastructure, applications, cybersecurity principles, and technology-related regulations and standards. Domain expertise in one or more of these areas preferred
• Familiarity with industry frameworks and methodologies for technology risk management, such as NIST Cybersecurity Framework, ISO 27001, and COBIT
• Excellent analytical and problem-solving skills, with a keen eye for detail
• Exceptional communication and presentation abilities, with the capability to convey complex technical concepts to non-technical stakeholders
• Professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are advantageous
• As the Head of Technology Risk, you will play a critical role in maintaining the bank's technology resilience, ensuring that it can leverage technology while effectively managing potential risks that may arise from the digital landscape

Apply Now

We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.

We regret only shortlisted candidates will be notified.

• Seniority level Director

• Employment type Full-time

• Job function Information Technology, Consulting, and General Business
• Industries Banking, Investment Banking, and Capital Markets

Referrals increase your chances of interviewing at DBS Bank by 2x

Get notified about new Information Technology Risk Manager jobs in Hong Kong, Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from DBS Bank

Business Function:

Risk Management Group (RMG) is responsible for the development and maintenance of risk management and internal control frameworks. We provide independent review and challenge to business to ensure that appropriate balance is considered in risk/return decisions. In addition, RMG is responsible for the monitoring and reporting on key risk issues of the Bank. To manage risk effectively and deliver strong financial performance, we invest significantly in our people and infrastructure.

Job Purpose:

As the Country Head of Technology Risk Management in DBS, you will be responsible for overseeing the country’s technology risk management function. This pivotal role involves identifying, assessing, and managing technology-related risks (including Gen AI and Data Governance) to ensure the bank's information technology infrastructure and systems are secure, reliable, and compliant with regulatory standards. This position reports directly to Senior Risk Executive to ensure that the 2nd line of defence can provide a supplementary viewpoint in the risk assessment when issues arise. By leading a team of risk management professionals, you will play a crucial role in safeguarding the bank's reputation, assets, and customer data against potential technological threats and vulnerabilities.

Responsibilities:

Risk Assessment and Management

• Identify, evaluate, and prioritize potential technology-related risks across the bank's IT environment in accordance to the Group’s technology risk management framework
• Conduct regular risk assessments to evaluate the effectiveness of existing controls and identify areas for improvement
• Collaborate with other departments, such as IT, cybersecurity, compliance, and business units, to ensure a coordinated approach to technology risk management

Technology Policy and Standards

• Implement governance around key processes, and adequacy of frameworks and policies for technology risk management and ensure these are aligned with industry best practices and regulatory requirements
• Ensure compliance with relevant laws, regulations, and internal policies relating to technology risk management

Incident Response and Crisis Management

• Develop and execute incident response plans to handle technology-related incidents, including cyberattacks, data breaches, system failures, and other IT-related disruptions.
• Lead the response and recovery efforts during crisis situations to minimize the impact on the bank's operations and customers

Risk Mitigation and Control Implementation

• Propose and implement risk mitigation strategies to reduce the bank's exposure to potential technology risks
• Monitor the implementation and effectiveness of controls and measures to safeguard the bank's technology assets and data

Reporting and Communication

• Prepare regular risk reports for senior management and the board of directors, highlighting key technology risk issues, trends, and remediation actions
• Communicate risk-related matters to various stakeholders, including executive management, business units, auditors, and regulatory bodies

Emerging Technology Risk Analysis

• Stay up-to-date with the latest technological advancements and industry trends to identify and assess potential risks associated with new technologies
• Advise on the adoption of emerging technologies with a focus on managing associated risks effectively

Alert Monitoring and Stress Testing

• Work with Line 1 (first line of defence) to determine the threshold standard to monitor alerts. Challenge the LOBTs on the monitoring and define scenarios for stress-testing. Monitor and ensure all flagged issues are tracked to closure
• Participate in stress testing for various disaster recovery scenarios on an adhoc or periodic basis, taking a more thoughtful view at a higher level of what should be tested, including (i) observability (figure out what is happening e.g. is system available/working ok) (ii) scenarios for disaster recovery, and (iii) potential thought experiments (what happens in certain scenarios and whether these scenarios have been tested)

Team Leadership and Development

• Recruit, train, and lead a team of technology risk professionals, ensuring they have the necessary skills and knowledge to perform their roles effectively
• Foster a culture of risk awareness and compliance within the team and across the bank

Requirements:

• Bachelor's or Master's degree in Information Technology, Computer Science, Risk Management, or a related field
• Significant experience in technology risk management, information security, IT auditing, or a related discipline, preferably within the financial services industry
• Proven leadership and management experience, with the ability to guide and motivate a team effectively
• Strong understanding of IT infrastructure, applications, cybersecurity principles, and technology-related regulations and standards. Domain expertise in one or more of these areas preferred
• Familiarity with industry frameworks and methodologies for technology risk management, such as NIST Cybersecurity Framework, ISO 27001, and COBIT
• Excellent analytical and problem-solving skills, with a keen eye for detail
• Exceptional communication and presentation abilities, with the capability to convey complex technical concepts to non-technical stakeholders
• Professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are advantageous
• As the Head of Technology Risk, you will play a critical role in maintaining the bank's technology resilience, ensuring that it can leverage technology while effectively managing potential risks that may arise from the digital landscape

Apply Now

We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.

We regret only shortlisted candidates will be notified.

• Seniority level Director

• Employment type Full-time

• Job function Information Technology, Consulting, and General Business
• Industries Banking, Investment Banking, and Capital Markets

Referrals increase your chances of interviewing at DBS Bank by 2x

Get notified about new Information Technology Risk Manager jobs in Hong Kong, Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.