What Jobs are available for Governance Manager in Hong Kong?

Client Description

Company Description: A leading financial institution in Asia, providing a wide array of banking services. They are known for their commitment to customer service and technological innovation.

Location: Kwun Tong

Nature: Secondment Contract (1 year, renewable)

Candidates with less experience may be considered for the IT Governance Officer role.

Job Description

• Assist the supervisor in developing a robust IT governance framework and promoting continuous improvement.
• Review and enhance the IT governance framework to effectively support corporate strategy and objectives.
• Design, develop, and implement IT governance-related policies, processes, and guidelines to ensure proactive conformance and oversight.
• Facilitate clear communication across the IT Department and business units regarding IT governance initiatives.
• Drive alignment across IT to single standards and promote office automation using intelligent tools.
• Propose innovative ideas to enhance productivity and overall operational efficiency.
• Implement and execute the annual training plan for department staff.
• Utilize MS Project, Excel, Visio, PowerPoint, and MIS Reporting tools for governance activities and reporting.

Job Requirements

• University degree, preferably in Information Technology, Computer Science, or a related field.
• Minimum 5 years of work experience in information technology management or IT governance, risk, and compliance.
• Extensive experience in system recovery and resilience planning.
• Possess sound knowledge of technology risk management and compliance with regulations.
• Solid experience in project planning and management.
• Sound knowledge of policy and procedure writing.
• Experience in operational resilience framework development is a definite advantage.
• Proficient in both spoken and written English and Chinese; fluency in English is preferred, and the ability to speak Mandarin is an advantage.
• Strong negotiator with excellent communication skills.
• Must have independent problem-solving and self-directing abilities.
• Must be self-driven, flexible, and possess high motivation.
• Familiarity with regulatory requirements such as HKMA (TM-G-1, TM-G-2, OR-2), PDPO, and PCI-DSS is preferred.

We are seeking an experienced Lead Data Governance Manager with over 15 years of hands-on expertise in Data Governance, covering both cloud environments (Google Cloud Platform, Amazon Web Services) and on-premises enterprise platforms. He or She will design, build, and operationalize comprehensive governance programs spanning on-prem and cloud, ensuring a unified and robust data governance strategy across all environments.

Key Responsibilities

• Design, implement, and drive enterprise-wide data governance programs across on-premises, hybrid, and multi-cloud environments, ensuring regulatory compliance, data quality, and security.

• Develop and maintain policies, standards, and operating models for data ownership, classification, access control, retention, and stewardship applicable to both on-prem and cloud.

• Design with the Architect to automate solutions for metadata management, data lineage, cataloging, data quality, and data privacy using native on-prem, GCP, and AWS services.

• Collaborate with data engineering, architecture, security, and compliance teams to embed governance controls across all data pipelines and platforms.

• Lead MDM (Master Data Management), data catalog, DLP (Data Loss Prevention), and compliance projects for both on-prem and cloud systems, leveraging native and third-party tools.

• Establish governance KPIs, reporting dashboards, and continuous improvement processes for measuring program effectiveness across environments.

• Advise on data platform and integration strategies, technology evaluations, and governance tool selection.

• Lead Data Governance team members, fostering continuous skill and knowledge development through day-to-day mentorship and guidance.

• Deliver Training to data engineers and data scientists on data governance principles and their Strategic importance.

Required Skills and Experience

• 15+ years of experience in Data Governance, Data Management, or Data Architecture in large-scale enterprise environments with significant on-prem and cloud footprints.

• Expert hands-on knowledge of on-prem data technologies (RDBMS, data warehouses, ETL tools, MDM platforms, metadata management, and DLP solutions) alongside Google Cloud (BigQuery, Dataproc, Data Catalog, DLP, IAM, Security Command Center, etc.) and AWS (S3, Glue, Lake Formation, CloudTrail, AWS DMS, Macie, IAM, etc.).

• Proven experience integrating and governing data across on-prem, cloud, and hybrid architectures.

• Deep understanding of industry regulations (GDPR, CCPA, HIPAA) and privacy-by-design principles across all technology stacks.

• Experience implementing data classification, lineage, and cataloging solutions for distributed, on-prem, and multi-cloud platforms.

• Familiarity with data quality, master/reference data management, batch/streaming data integration, and cloud/on-prem API integrations.

• Ability to communicate complex governance concepts to both technical and non-technical stakeholders, including C-level executives.

• Strong project management, stakeholder engagement, and problem-solving skills.

Preferred Qualifications

• Cloud and data management certifications (Google Professional Data Engineer, AWS Certified Data Analytics, AWS Security, on-prem MDM or data warehousing).

• Experience leading hybrid and regulated enterprise data governance transformations.

• Prior experience implementing governance solutions in regulated industries (finance, healthcare, pharma, government, etc.).

Personal Attributes

• Strategic thinker with a passion for hands-on technical work and architectural vision.

• Strong leadership, collaboration, and mentoring capabilities.

• Adaptable, proactive, and thorough, with a board-level view of end-to-end data governance strategy and execution.

If you are a dynamic data leader with deep roots in both on-prem and cloud data ecosystems—and possess mastery across GCP, AWS, and enterprise platforms—we invite you to join our team to shape the future of our unified data landscape.

All personal data provided by candidates will be used for recruitment purposes only by HKT Services Limited in accordance with HKT's Privacy Statement, which is available on our website. Unless otherwise instructed in writing, candidates may be considered for other suitable positions within the Group (being, HKT Limited, PCCW Limited and their respective subsidiaries, affiliates and associated companies). Personal data of unsuccessful candidates will normally be destroyed 24 months after rejection of the candidate's application. If you have any questions regarding your personal data held by HKT Services Limited HKT's Privacy Statement, please feel free to contact our Privacy Compliance Officer by writing to or GPO Box 9896, Hong Kong.

IT Governance & Strategy

• Develop and Uphold Standards: Work closely with the supervisor to design, implement, and maintain a robust IT Governance Framework that promotes high standards for IT Service Management and drives continuous operational improvement.
• Strategic Alignment: Proactively review and enhance the governance framework to ensure IT strategies and objectives are directly supporting the broader corporate goals.
• Policy & Process Development: Design, write, and implement essential IT governance policies, processes, and guidelines to ensure a continuous and proactive conformance and oversight program.

Compliance & Operational Efficiency

• Cross-Functional Communication: Act as the key facilitator for communication between the IT Department and business units regarding new governance initiatives and best practices.
• Standardization & Automation: Drive department-wide adoption of single standards and provide a holistic view for implementing office automation solutions using intelligent tools to boost productivity.
• Innovation: Employ a clear, innovative mindset to propose and implement ideas that enhance overall productivity and operational efficiency.
• Training: Execute the annual training plan for department staff to ensure high levels of awareness and competence in IT governance and security.

Technical Expertise & Experience

• Education: University graduate, preferably in Information Technology, Computer Science, or a related field.
• Experience: A minimum of 5 years of progressive work experience in IT Governance, Risk, Compliance (GRC), or Information Technology Management.
• Resilience Planning: Extensive experience in System Recovery and Resilience Planning with sound knowledge of technology risk management and regulatory compliance. Experience in Operational Resilience framework development is a distinct advantage.
• Project Management: Solid proven experience in IT project planning and management.
• Documentation: Sound knowledge and proven ability in writing clear and effective policies and procedures.
• Language: Proficient in both spoken and written English and Chinese. Fluency in English is preferred, and the ability to speak Mandarin is an asset.

Desirable Technical Familiarity

• Familiarity with regulatory requirements such as HKMA (TM-G-1, TM-G-2, OR-2), PDPO, PCI-DSS, etc., is preferred.

• Proficiency with tools like MS Project, Excel, Visio, PowerPoint, and MIS Reporting.

• IT Project Officer/ Business Analyst (IT Governance/System recovery/DR drill/resilience plan)

• Data & Inventory Management: Handle data processing, maintain comprehensive software inventory records, and ensure all documentation and records are accurate and up-to-date.
• Reporting & Compliance: Prepare regular reports and operational dashboards for management and internal stakeholders. As part of daily operations, ensure all IT processes are accurate and adhere strictly to internal procedures and standards.
• Governance Support: Assist the team in developing governance frameworks and procedures, including the preparation of high-quality policy documents and presentation materials.
• Administrative & Coordination: Serve as a key liaison for internal project coordination and provide general administrative support or perform other duties as directed by the supervisor.

• Education: University degree, preferably in Business Administration, Information Technology, Operation Management, or a related discipline.

• Experience: A minimum of 2 years of professional work experience in one or more of the following domains:

• Office/Business Administration

• IT Asset Management
• Application Development & Support/IT Operations Management
• Technology Risk & Compliance Management
• Documentation: Extensive experience in policy and procedure writing and documentation.
• Skills: Sound knowledge of MS Excel, Visio, and PowerPoint.
• Mindset: Independent problem-solving abilities, self-directed, and a highly motivated, flexible, and self-driven attitude.
• Language: Good command of both spoken and written English and Chinese is required. Fluency in English is preferred, and the ability to speak Putonghua (Mandarin) is a plus.
• Regulatory Familiarity (Preferred): Familiarity with regulatory requirements such as HKMA guidelines (e.g., IC-1, TM-G-1, TM-G-2, SA-2, CG-3, CG-6), PDPO, PCI-DSS, etc. is highly desirable.

About the Role

We are looking for a proactive and experienced professional to join our Model Risk team as an
AI Model Governance Manager.
The position will be 12 months basis contract with high possibility to renew. This role is responsible for establishing and maintaining governance frameworks for AI and machine learning models used across the bank, ensuring they are transparent, explainable, compliant, and aligned with regulatory expectations.

Key Responsibilities

• Develop and maintain the bank's AI model governance framework, including policies, procedures, and control standards.
• Oversee the lifecycle management of AI/ML models, including documentation, approval, monitoring, and retirement.
• Ensure compliance with internal model risk policies and external regulatory requirements (e.g., HKMA, MAS, Basel, SR 11-7).
• Collaborate with model developers, data scientists, risk managers, and IT teams to ensure proper governance and oversight.
• Promote model transparency and explainability, and support the implementation of responsible AI practices.
• Prepare governance reports and present findings to senior management and regulators.

Qualifications

• Bachelor's or Master's degree in Data Science, Statistics, Finance, Risk Management, or related field.
• 8 years of working experience in model governance or compliance in Financial Service Industry with understanding of AI/ML model development and validation processes.
• Familiarity with regulatory guidelines related to model risk and AI (e.g., HKMA SPM, Basel, SR 11-7, EU AI Act).

General Job Scope:

Strengthening Identity and Access Management (IAM) governance, overseeing vulnerability management practices, and supporting the implementation of security controls to protect critical assets and data.

• Lead the execution of information security projects, including IAM enhancements and vulnerability remediation initiatives.
• Improve the awareness of the senior management, business users and IT professional on the technology threat the company is facing and more sensitive on protecting customers' interest and privacy.
• Maintain up-to-date knowledge of information security policies, standards, and guidelines, and ensure their effective implementation in local applications to safeguard the integrity, confidentiality, and availability of IT systems and data across the organization.
• Maintain effective communication and influential partnership with strategic key stakeholders.
• Upgrade information security level with the alignment to company standards and guidelines and develop technology governance programmes to uplift company's technology resilience level.
• Address business disruption or service outage proactively and prevent from re-occurrence.
• Establish and maintain processes to identify technology risks and potential breaches, ensuring continuous protection of assets and information.
• Conduct IAM operations and reviews to ensure proper access provisioning, role-based access control, and periodic access certifications in alignment with compliance and audit requirements.
• Oversee vulnerability management activities, including regular scanning, risk assessment, prioritization, and coordination of remediation efforts with relevant teams.
• Drive improvements in security assessment practices, including application and infrastructure reviews, and recommend actionable enhancements.
• Consolidate and track remediation progress for audit findings, with a focus on IAM and vulnerability-related issues, ensuring timely closure and compliance.
• Govern regular assessments of applications and systems, and provide recommendations to strengthen security posture and reduce risk exposure.
• Require to obtain relevant licence(s) if the job involves regulated activities.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or related disciplines preferred.
• 7-10 years of experience in information security governance or related control functions within the financial sector.
• An influencer and facilitator; able to build strong interpersonal relationships, and inform, guide and motivate stakeholders and technology experts at different levels to address risks with due care and attention to detail.
• Strong communication skills; able to explain risks that are often complex and obscure to non-specialists; a good listener who can understand stakeholders' concerns;Hands-on experience in developing scripts or tools using Python to support security automation, data analysis, or process improvement.
• Strong understanding of IAM principles and vulnerability management practices.
• Prior experience in IT risk control, audit, or project management is an advantage.
• Ability to work independently and manage tasks under tight deadlines.

General Job Scope:

Strengthening Identity and Access Management (IAM) governance, overseeing vulnerability management practices, and supporting the implementation of security controls to protect critical assets and data.

• Lead the execution of information security projects, including IAM enhancements and vulnerability remediation initiatives.
• Improve the awareness of the senior management, business users and IT professional on the technology threat the company is facing and more sensitive on protecting customers' interest and privacy.
• Maintain up-to-date knowledge of information security policies, standards, and guidelines, and ensure their effective implementation in local applications to safeguard the integrity, confidentiality, and availability of IT systems and data across the organization.
• Maintain effective communication and influential partnership with strategic key stakeholders.
• Upgrade information security level with the alignment to company standards and guidelines and develop technology governance programmes to uplift company's technology resilience level.
• Address business disruption or service outage proactively and prevent from re-occurrence.

• Establish and maintain processes to identify technology risks and potential breaches, ensuring continuous protection of assets and information.

• Conduct IAM operations and reviews to ensure proper access provisioning, role-based access control, and periodic access certifications in alignment with compliance and audit requirements.

• Oversee vulnerability management activities, including regular scanning, risk assessment, prioritization, and coordination of remediation efforts with relevant teams.
• Drive improvements in security assessment practices, including application and infrastructure reviews, and recommend actionable enhancements.
• Consolidate and track remediation progress for audit findings, with a focus on IAM and vulnerability-related issues, ensuring timely closure and compliance.
• Govern regular assessments of applications and systems, and provide recommendations to strengthen security posture and reduce risk exposure.
• Require to obtain relevant licence(s) if the job involves regulated activities.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or related disciplines preferred.
• 7-10 years of experience in information security governance or related control functions within the financial sector.
• An influencer and facilitator; able to build strong interpersonal relationships, and inform, guide and motivate stakeholders and technology experts at different levels to address risks with due care and attention to detail.
• Strong communication skills; able to explain risks that are often complex and obscure to non-specialists; a good listener who can understand stakeholders' concerns;Hands-on experience in developing scripts or tools using Python to support security automation, data analysis, or process improvement.
• Strong understanding of IAM principles and vulnerability management practices.
• Prior experience in IT risk control, audit, or project management is an advantage.
• Ability to work independently and manage tasks under tight deadlines.

Responsibilities:

• Develop and refine a comprehensive governance framework for AI models.
• Track model performance and maintain model inventories.
• Adapt policies based on regulatory changes in AI governance.
• Implement protocols for model explainability and bias detection.
• Assess high-risk areas and recommend mitigation strategies.
• Collaborate with compliance, legal, data science, and IT teams.

Qualifications:

• Advanced degree in Quantitative Finance, Statistics, or related fields.
• At least 7 years of experience in model governance or risk analytics in financial services.
• Strong knowledge of statistical modeling and machine learning.
• Excellent communication skills to convey complex information effectively.

We are looking for an AI Model Governance Manager to enhance the model governance practices in the banking sector. This role will ensure the AI models comply with banking standards and regulatory requirements.

Responsibilities:

• Develop and refine a comprehensive governance framework for AI models.
• Track model performance and maintain model inventories.
• Adapt policies based on regulatory changes in AI governance.
• Implement protocols for model explainability and bias detection.
• Assess high-risk areas and recommend mitigation strategies.
• Collaborate with compliance, legal, data science, and IT teams.

Qualifications:

• Advanced degree in Quantitative Finance, Statistics, or related fields.
• At least 7 years of experience in model governance or risk analytics in financial services.
• Strong knowledge of statistical modeling and machine learning.
• Excellent communication skills to convey complex information effectively.

Reports To: Head of EEX Design, Insights & Governance

Department: People Department (PPL)

The Employee Data & Process Governance Manager ensures all activities with People department (PPL) adhere to People Policies & Manuals (PPM), regulatory requirements, and data governance standards through audits, risk oversight, and controls enforcement.

As the Risk & Compliance Champion for the People Department, this role coordinates all audit activities with Group Internal Audit (GIA) and all risk matters with Group Opportunities & Risk (GOR).

As an Employee Data & Process Governance Manager, you will drive Employee Data Governance initiatives through working closely with the Data Protection Office (DPO) and governs the employee data handling operation including principles and processes, data access to ensure compliance with Data Governance principles, company guidelines, and privacy law. You also accountable for setting up Data Quality processes to drive improvement in quality of employee data across the company.

People Governance

• Act as PPL Departmental contact on all audit-related matters, including co-ordinating with GIA team on clarifying audit findings, developing action plans and leading other PPL team members to ensure findings are closed within stipulated timelines
• Collaborate with PPL COE as well as other stakeholders to ensure policies and internal practices/guidelines are developed and updated to meet the requirements set by internal audit, as required
• Escalating and following up where necessary, chairing team meetings to discuss and progress actions, and reporting on progress to Senior People Leadership on a regular basis
• Act as the PPL Departmental contact for Group Opportunity & Risk (GOR) on People-related risk matters, ensuring adherence to company policies and internal PPM/SOPs through regular compliance audits
• Lead risk assessments for PPL processes, manage the department's risk register and ensuring controls are effective, timely reporting of high-risk issues to Senior People Leadership and GOR

Employee Data Governance

• Lead the Centre of Excellence for all employee data governance matters, including setting up the data quality framework and promoting a strong data quality culture
• Review and collaborate with the Data Protection Officer and PPL COE to review Privacy Impact Assessment submissions, drive process changes in data protection regulations, and ensure compliance with data governance principles
• Guide and collaborate with BU, IT, and DGT on Analytic Data Governance initiatives, including Data Classification assignments and drive continuous improvement in employee data handling and data access request standardization
• Manage the documentation of employee data handling processes, maintain Record of Processing Activities, access control registration, and data retention periods, and ensure compliance with company policies and privacy law
• Collaborate with PPL COE, Group Legal & Compliance, IT and other key stakeholders across the company to develop and maintain employee data privacy guidelines and polices

• Degree holder with a minimum 10 years' HR related experience including HR data governance and policy set up
• Methodological with strong attention to detail and demonstrates experience in developing processes that meet business needs
• Experience leading the implementation of new policy and data governance model, in a large-scale organisation, with a global or multi-geography footprint
• Strong knowledge of privacy law and practice, especially in GDPR, PIPL requirement
• Strong knowledge of the HR technology / digital employee experiences industry landscape, trends tools and techniques preferred
• Strong communication skills
• Excellent stakeholder management capabilities and ability to connect with and influence multiple stakeholders
• Strong analytical and problem-solving skills
• Strong project management skills
• Fluent in spoken and written English

Application Deadline: 7 Oct 2025

Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our Applicant Personal Information Collection Statement and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. We keep records of your data for no longer than is necessary for the purpose for which we obtained them and any other permitted linked purposes. If your application is unsuccessful, we will keep your details on file for as long as is necessary to process your application or for the purposes of further job opportunities if you agree to such longer periods.