166 Security Compliance jobs in Hong Kong

1 week ago Be among the first 25 applicants

As our Security Compliance Analyst / Manager, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. The role will essentially combine regional support with a focus on advancing our automation initiatives.

As our Security Compliance Analyst / Manager, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. The role will essentially combine regional support with a focus on advancing our automation initiatives.

Responsibilities

• Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC 2, etc
  

• Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management
  

• Provide complete and accurate responses to internal and third-party enquiries on security compliance
  

• Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion
  

• Design necessary control required to comply with international standards and local regulations
  

• Evaluate technical and organisational controls to ensure effectiveness and compliance, including managing the control remediation efforts
  

• Identify opportunities to reduce manual effort in control testing and audit readiness through scripting and compliance tooling
  

• Drive the development and implementation of automation solutions to streamline compliance monitoring, evidence collection, and reporting processes
  

Requirements

• Experience in information security compliance, security operations or technology risk management, or consultation related roles
  

• Prefer experience with one or more of the following: conducting security control assessments, risk assessments or implementing security solutions
  

• Prefer experience with any of the following: ISO27001, ISO27701, SOC2, PCI DSS, cloud technologies, and data protection regulations and requirements
  

• Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications
  

• Minimum 3 / 5 years of hands-on experience in a fast-paced working environment. Candidates with less experience will be considered for a junior position
  

• Experience leading compliance initiatives and working with auditors and/or external regulators
  

• A role combining regional support with a focus on advancing our automation initiatives
  

• Proven experience with compliance automation tools and techniques (e.g., GRC platforms, scripting, security orchestration, AI, MCP, AI Agent, Agentic RAG)
  

• Hands-on experience in implementing automated control testing or evidence gathering in cloud or hybrid environments
  

• Be a friendly team player with a positive attitude
  

• Demonstrate a strong commitment to personal learning and development
  

• Detail minded with an analytical mindset
  

• Good communication skills with an ability to explain complex technical issues to non-technical business users
  

• Prior experience with project management
  

Seniority level

• Seniority level Not Applicable

Employment type

• Employment type Full-time

Job function

• Job function Finance, Legal, and Accounting/Auditing

Referrals increase your chances of interviewing at Crypto.com by 2x

Get notified about new Compliance Analyst jobs in Hong Kong, Hong Kong SAR .

AVP/Senior Associate/ Associate, Investigations (Anti-Scam), Legal, Compliance & Secretariat

Kwun Tong District, Hong Kong SAR 5 days ago

Compliance Officer - Primary Markets Compliance Compliance Officer, Foreign Asset Management

Hong Kong, Hong Kong SAR HK$30,000.00-HK$5,000.00 1 week ago

Wan Chai District, Hong Kong SAR 23 hours ago

Assistant Manager/ Manager – Regulatory & Compliance (Assistant / Deputy) Compliance Manager (Compliance Review) Compliance Manager, Anti-Money Laundering Compliance Officer (International Hedge Fund)

Hong Kong, Hong Kong SAR HK$1 200,000.00-HK 1,900,000.00 3 weeks ago

Hong Kong, Hong Kong SAR 36,000.00- 70,000.00 1 week ago

Assistant Manager to Deputy Manager, General Compliance (Compliance and Legal ASSO, Surveillance and Trading Compliance Team, Legal and Compliance Regulatory Compliance Officer - Wealth Management / Bancassurance Compliance Governance Manager/Associate, HK Officer, Financial Crime Compliance – 1 year contract

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Manager, Information Security Policy & Compliance

Join to apply for the Manager, Information Security Policy & Compliance role at The Hong Kong Jockey Club

Manager, Information Security Policy & Compliance

4 days ago Be among the first 25 applicants

Join to apply for the Manager, Information Security Policy & Compliance role at The Hong Kong Jockey Club

Job Summary

Reporting to the Senior Manager, ISRA, you will be a key member involved in uplifting the Club’s information security assurance as a second line of defence. You will be developing and maintaining Information Security Policy, Acceptable Use Policy and other policies. You will also be designing and implementing a compliance self-assessment programme for the compliance of the policies. You will also be involved in other information security assurance and technology risk management activities as assigned.

Job Summary

Reporting to the Senior Manager, ISRA, you will be a key member involved in uplifting the Club’s information security assurance as a second line of defence. You will be developing and maintaining Information Security Policy, Acceptable Use Policy and other policies. You will also be designing and implementing a compliance self-assessment programme for the compliance of the policies. You will also be involved in other information security assurance and technology risk management activities as assigned.

The Job

You will:

• Develop and maintain information security policies.
• Perform compliance assessment against information security policies.
• Assist in programme management, and work with external consultants to deliver technology risk and information security projects.
• Conduct information security risk assessments and control assurance testing.
• Assist in delivering information security initiatives and prepare necessary documentation.
• Assist in technology risk management activities.
• Monitor and report on security metrics and trends to monitor the technology and information security risks.
• Promote security awareness within the organization, fostering a culture of risk management.
  
  
  

About You

You should have:

• University degree in Computer Science, Information Technology, Cybersecurity, Engineering, Risk Management or related fields.
• 5 to 7 years of practical experience in Cyber Security or Technology Risk roles.
• Hands-on experience in enterprise security infrastructure, risk assessments, and security testing.
• Experience with identity and access management systems and principles.
• Familiarity with security frameworks and standards (e.g. ISO27001, NIST).
• Understand second line of defence roles and responsibilities.
• Relevant certifications such as CISSP, CISA or CISM are preferred.
  
  
  

Terms of Employment

The level of appointment will be commensurate with qualification and experience.

How to Apply

Please send your resume, complete with expected salary and job reference by clicking the Apply Now.

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Sign in to set job alerts for “Information Security Manager” roles. Cybersecurity Manager, Group Cybersecurity Senior Security Consultant/ Cybersecurity Manager (CISSP, CISA, CISM) - 60K+B

Kwun Tong District, Hong Kong SAR 1 month ago

Senior Manager, IT Governance and Architecture Manager, Cyber Security (DTD079/25, 10360)

Kwun Tong District, Hong Kong SAR 4 days ago

Deputy Executive Manager, Security Architecture

Sha Tin District, Hong Kong SAR 1 week ago

Technology Risk Manager (IT Security) – Information Technology Department Assistant Technical Manager, Cyber Security

Sha Tin District, Hong Kong SAR 2 weeks ago

Service Delivery Manager (Cybersecurity) Cyber Engagement Lead, Mandiant Consulting, Google Cloud Manager, Operational and Strategic Risk (Cyber Security) Technical Manager, Data Security & Protection

Sha Tin District, Hong Kong SAR 1 week ago

Senior Technical Manager, Cyber Defense Engineering

Sha Tin District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Manager, Information Security Policy & Compliance

Join to apply for the Manager, Information Security Policy & Compliance role at The Hong Kong Jockey Club

Manager, Information Security Policy & Compliance

4 days ago Be among the first 25 applicants

Join to apply for the Manager, Information Security Policy & Compliance role at The Hong Kong Jockey Club

Job Summary
Reporting to the Senior Manager, ISRA, you will be a key member involved in uplifting the Club’s information security assurance as a second line of defence. You will be developing and maintaining Information Security Policy, Acceptable Use Policy and other policies. You will also be designing and implementing a compliance self-assessment programme for the compliance of the policies. You will also be involved in other information security assurance and technology risk management activities as assigned.

Job Summary
Reporting to the Senior Manager, ISRA, you will be a key member involved in uplifting the Club’s information security assurance as a second line of defence. You will be developing and maintaining Information Security Policy, Acceptable Use Policy and other policies. You will also be designing and implementing a compliance self-assessment programme for the compliance of the policies. You will also be involved in other information security assurance and technology risk management activities as assigned.
The Job
You will:

• Develop and maintain information security policies.
• Perform compliance assessment against information security policies.
• Assist in programme management, and work with external consultants to deliver technology risk and information security projects.
• Conduct information security risk assessments and control assurance testing.
• Assist in delivering information security initiatives and prepare necessary documentation.
• Assist in technology risk management activities.
• Monitor and report on security metrics and trends to monitor the technology and information security risks.
• Promote security awareness within the organization, fostering a culture of risk management.
  

About You
You should have:

• University degree in Computer Science, Information Technology, Cybersecurity, Engineering, Risk Management or related fields.
• 5 to 7 years of practical experience in Cyber Security or Technology Risk roles.
• Hands-on experience in enterprise security infrastructure, risk assessments, and security testing.
• Experience with identity and access management systems and principles.
• Familiarity with security frameworks and standards (e.g. ISO27001, NIST).
• Understand second line of defence roles and responsibilities.
• Relevant certifications such as CISSP, CISA or CISM are preferred.
  

Terms of Employment
The level of appointment will be commensurate with qualification and experience.
How to Apply
Please send your resume, complete with expected salary and job reference by clicking the Apply Now.
We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request. Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Sign in to set job alerts for “Information Security Manager” roles. Cybersecurity Manager, Group Cybersecurity Senior Security Consultant/ Cybersecurity Manager (CISSP, CISA, CISM) - 60K+B

Kwun Tong District, Hong Kong SAR 1 month ago

Senior Manager, IT Governance and Architecture Manager, Cyber Security (DTD079/25, 10360)

Kwun Tong District, Hong Kong SAR 4 days ago

Deputy Executive Manager, Security Architecture

Sha Tin District, Hong Kong SAR 1 week ago

Technology Risk Manager (IT Security) – Information Technology Department Assistant Technical Manager, Cyber Security

Sha Tin District, Hong Kong SAR 2 weeks ago

Service Delivery Manager (Cybersecurity) Cyber Engagement Lead, Mandiant Consulting, Google Cloud Manager, Operational and Strategic Risk (Cyber Security) Technical Manager, Data Security & Protection

Sha Tin District, Hong Kong SAR 1 week ago

Senior Technical Manager, Cyber Defense Engineering

Sha Tin District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Associate Director, Data Security and Compliance

Join to apply for the Associate Director, Data Security and Compliance role at Manulife

Associate Director, Data Security and Compliance

2 weeks ago Be among the first 25 applicants

Join to apply for the Associate Director, Data Security and Compliance role at Manulife

The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.

We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.

Position Responsibilities

Access Management

• Framework Development: Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia’s data lakes.
• Policy Integration: Collaborate with global teams to align regional access policies with global standards.
• Access Controls: Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
• User Access Management: Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
• Technology Enablement: Partner with IT and architecture teams to implement tools and technologies that support access governance.
  
  

Data Governance

• Governance Oversight: Ensure effective governance of data access, maintaining data integrity, security, and availability.
• Quality Initiatives: Lead efforts to standardize and harmonize data access processes across the region.
• Policy Enforcement: Ensure adherence to data governance policies by all stakeholders.
  
  

Regulatory Compliance

• Compliance Monitoring: Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
• Regulatory Liaison: Work closely with legal and compliance teams to meet local and international regulatory requirements.
• Documentation: Maintain clear and comprehensive documentation of access policies and procedures.
  
  

Data Risk Management

• Risk Identification & Mitigation: Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Risk Execution: Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
• Audit & Compliance: Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
• Incident Response: Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
• Reporting: Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
• Training & Awareness: Develop and deliver training programs to promote a culture of privacy and data security awareness.
  
  

Coordination & Collaboration

• Cross-Functional Engagement: Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
• Culture Building: Promote data stewardship and accountability across the organization.
• Solution Design: Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
  
  

Required Qualifications

• Bachelor’s or Master’s degree in Information Technology, Data Science, Business Administration, or a related field.
• 8–10 years of experience in access management, data governance, or risk management.
• Experience in a multinational organization with a focus on Asia.
• Professional certifications such as CIPP, CRISC, or CDMP.
• Strong knowledge of access frameworks, governance policies, and regulatory compliance.
• Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
• Foundational understanding of emerging technologies like Generative AI and OpenAI.
• Demonstrated experience in managing data risks and implementing mitigation strategies.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
  
  

When You Join Our Team

• We’ll empower you to learn and grow the career you want.
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we’ll support you in shaping the future you want to see.
  
  

About Manulife And John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact

Working Arrangement

Hybrid

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Other
• Industries Insurance

Referrals increase your chances of interviewing at Manulife by 2x

Get notified about new Director of Security jobs in Hong Kong, Hong Kong SAR .

Corporate Bank - Head of Securities Services - Director/ VP Director/ Deputy Director, Client Development

Shenzhen, Guangdong, China CN¥20,000.00-CN¥0,000.00 2 years ago

Treasury Director, Chinese Securities, 85k Security Operations Manager (MNC Retail) Manager, Infrastructure and Network Operations, Global IT Security and Operation Specialist (Asst Manager Level) Senior Operations Manager, Securities Brokerage

Shenzhen, Guangdong, China CN 0,000.00-CN 0,000.00 2 years ago

Security Architect - Director/Executive Level Data Engineer, Director P4, Institutional Securities Technology Manager/Associate Director, Cyber Security (Strategy, Governance & Risk), Technology Consulting Manager/Associate Director, Cyber Security (Simulated Attack), Technology Consulting Manager, Cyber Security Operations (MJ006042) Manager/Associate Director , Cloud Security, Technology Consulting Manager/Associate Director, Data Privacy and Protection, Technology Consulting Assistant Manager (Ant Bank - For Securities Operations) Manager - Professional Environment Services (Facilities & Office Operation) - Hong Kong(314235) Marketing Officer/ Senior Marketing Officer

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

**Associate Director, Data Security and Compliance**
The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.
We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
**Position Responsibilities:**
**Access Management**
+ **Framework Development:** Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia's data lakes.
+ **Policy Integration:** Collaborate with global teams to align regional access policies with global standards.
+ **Access Controls:** Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
+ **User Access Management:** Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
+ **Technology Enablement:** Partner with IT and architecture teams to implement tools and technologies that support access governance.
**Data Governance**
+ **Governance Oversight:** Ensure effective governance of data access, maintaining data integrity, security, and availability.
+ **Quality Initiatives:** Lead efforts to standardize and harmonize data access processes across the region.
+ **Policy Enforcement:** Ensure adherence to data governance policies by all stakeholders.
**Regulatory Compliance**
+ **Compliance Monitoring:** Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
+ **Regulatory Liaison:** Work closely with legal and compliance teams to meet local and international regulatory requirements.
+ **Documentation:** Maintain clear and comprehensive documentation of access policies and procedures.
**Data Risk Management**
+ **Risk Identification & Mitigation:** Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
+ **Risk Execution:** Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
+ **Audit & Compliance:** Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
+ **Incident Response:** Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
+ **Reporting:** Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
+ **Training & Awareness:** Develop and deliver training programs to promote a culture of privacy and data security awareness.
**Coordination & Collaboration**
+ **Cross-Functional Engagement:** Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
+ **Culture Building:** Promote data stewardship and accountability across the organization.
+ **Solution Design:** Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
**Required Qualifications:**
+ Bachelor's or Master's degree in Information Technology, Data Science, Business Administration, or a related field.
+ 8-10 years of experience in access management, data governance, or risk management.
+ Experience in a multinational organization with a focus on Asia.
+ Professional certifications such as CIPP, CRISC, or CDMP.
+ Strong knowledge of access frameworks, governance policies, and regulatory compliance.
+ Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
+ Foundational understanding of emerging technologies like Generative AI and OpenAI.
+ Demonstrated experience in managing data risks and implementing mitigation strategies.
+ Excellent leadership, communication, and stakeholder management skills.
+ Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

Associate Director, Data Security and Compliance

Join to apply for the Associate Director, Data Security and Compliance role at Manulife

Associate Director, Data Security and Compliance

2 weeks ago Be among the first 25 applicants

Join to apply for the Associate Director, Data Security and Compliance role at Manulife

The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.
We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
Position Responsibilities
Access Management

• Framework Development: Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia’s data lakes.
• Policy Integration: Collaborate with global teams to align regional access policies with global standards.
• Access Controls: Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
• User Access Management: Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
• Technology Enablement: Partner with IT and architecture teams to implement tools and technologies that support access governance.
  

Data Governance

• Governance Oversight: Ensure effective governance of data access, maintaining data integrity, security, and availability.
• Quality Initiatives: Lead efforts to standardize and harmonize data access processes across the region.
• Policy Enforcement: Ensure adherence to data governance policies by all stakeholders.
  

Regulatory Compliance

• Compliance Monitoring: Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
• Regulatory Liaison: Work closely with legal and compliance teams to meet local and international regulatory requirements.
• Documentation: Maintain clear and comprehensive documentation of access policies and procedures.
  

Data Risk Management

• Risk Identification & Mitigation: Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Risk Execution: Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
• Audit & Compliance: Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
• Incident Response: Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
• Reporting: Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
• Training & Awareness: Develop and deliver training programs to promote a culture of privacy and data security awareness.
  

Coordination & Collaboration

• Cross-Functional Engagement: Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
• Culture Building: Promote data stewardship and accountability across the organization.
• Solution Design: Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
  

Required Qualifications

• Bachelor’s or Master’s degree in Information Technology, Data Science, Business Administration, or a related field.
• 8–10 years of experience in access management, data governance, or risk management.
• Experience in a multinational organization with a focus on Asia.
• Professional certifications such as CIPP, CRISC, or CDMP.
• Strong knowledge of access frameworks, governance policies, and regulatory compliance.
• Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
• Foundational understanding of emerging technologies like Generative AI and OpenAI.
• Demonstrated experience in managing data risks and implementing mitigation strategies.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
  

When You Join Our Team

• We’ll empower you to learn and grow the career you want.
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we’ll support you in shaping the future you want to see.
  

About Manulife And John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact
Working Arrangement
Hybrid Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Other
• Industries Insurance

Referrals increase your chances of interviewing at Manulife by 2x

Get notified about new Director of Security jobs in Hong Kong, Hong Kong SAR .

Corporate Bank - Head of Securities Services - Director/ VP Director/ Deputy Director, Client Development

Shenzhen, Guangdong, China CN¥20,000.00-CN¥0,000.00 2 years ago

Treasury Director, Chinese Securities, 85k Security Operations Manager (MNC Retail) Manager, Infrastructure and Network Operations, Global IT Security and Operation Specialist (Asst Manager Level) Senior Operations Manager, Securities Brokerage

Shenzhen, Guangdong, China CN 0,000.00-CN 0,000.00 2 years ago

Security Architect - Director/Executive Level Data Engineer, Director P4, Institutional Securities Technology Manager/Associate Director, Cyber Security (Strategy, Governance & Risk), Technology Consulting Manager/Associate Director, Cyber Security (Simulated Attack), Technology Consulting Manager, Cyber Security Operations (MJ006042) Manager/Associate Director , Cloud Security, Technology Consulting Manager/Associate Director, Data Privacy and Protection, Technology Consulting Assistant Manager (Ant Bank - For Securities Operations) Manager - Professional Environment Services (Facilities & Office Operation) - Hong Kong(314235) Marketing Officer/ Senior Marketing Officer

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Manager, Risk Management role at AEON Credit Service (Asia) Co., Ltd.

1 week ago Be among the first 25 applicants

Join to apply for the Manager, Risk Management role at AEON Credit Service (Asia) Co., Ltd.

Direct message the job poster from AEON Credit Service (Asia) Co., Ltd.

Talent Acquisition | HR Department |AEON Credit Service (Asia) | Listed Company

Company Overview

• AEON Credit Service (Asia) Co., Ltd was established in 1990 and listed on the Main Board of Hong Kong Stock Exchange since 1995 (stock code: 900).
• One of the major players in the credit card market in Hong Kong.
• We are a member of AEON Group, a Fortune Global 500 company.

We offer:

• 5-day work week
• Group medical, dental, body check, group life, accidental & travel insurance coverage insurance coverage
• Competitive annual leave package
• Competitive pay and Discretionary bonus
• Friendly working environment with dynamic and talented team members
• Learning and development opportunities
• Smart and casual attire (Monday to Friday)
• Convenient office located near Tsim Sha Tsui MTR station

Responsibilities:

• Support the Company’s integrated management of various types of risks under enterprise risk management framework.
• Advising on improvements to corporate governance, enterprise risk management and internal controls, and the monitoring of their effectiveness and adequacy.
• In charge of operational risk events management, through investigation of root causes and advising on preventive measures.
• In charge of risk management related projects, e.g. BCP implementation, drill coordination, new products/services risk analysis, etc.
• Provide support in risk management related matters, including regular meeting documentations preparation, risk control self-assessment, reporting to top management, etc.
• Assist the department for any other risk management functions, e.g. regular review and update of relevant risk-related policies and regulations, and give comments with regards to other risk-related operation manual/procedures; and any other ad hoc tasks assigned.

Requirements:

• Degree holder or other relevant qualifications, preferably majoring in business studies.
• 5 years of relevant experience in financial institutions, with payment companies, card associations, listed companies with ERM experiences are an advantage.
• Experience in risk management and operation control, with security management is an advantage.
• Proficient in both written and spoken English and Chinese (Cantonese and Mandarin).
• Immediate availability is preferred.

Interested parties please send your application with updated CV, notice period, current and expected salaries to

Information on Collection of Personal Data & Application

Our company is an equal opportunities employer and welcome application from all qualified candidates.

All personal data collected will be kept confidential, and will be used for recruitment purpose only.

It is our policy to retain personal data of unsuccessful applicants for future recruitment purposes within our Company, its subsidiary or associated companies for a period of six months. This retention of your personal data in the said period allows us to consider your suitability of other roles that may arise during this time. We may transfer your personal data to the said companies for such recruitment consideration.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Other, Accounting/Auditing, and General Business
• Industries Financial Services and Insurance

Referrals increase your chances of interviewing at AEON Credit Service (Asia) Co., Ltd. by 2x

Get notified about new Manager Risk Management jobs in Kowloon, Hong Kong SAR .

Senior Audit Manager (Sustainability and Climate Risk)

Kwun Tong District, Hong Kong SAR 4 months ago

Senior Associate, Risk and Control, Institutional Banking Operations Business Risk Manager, Wealth Solutions HK

Kwun Tong District, Hong Kong SAR 1 month ago

Associate Director, Business Risk Management

Kwun Tong District, Hong Kong SAR 3 months ago

Tsim Sha Tsui, Hong Kong SAR 10 hours ago

Kowloon City District, Hong Kong SAR 1 week ago

Kwun Tong District, Hong Kong SAR 1 month ago

Officer, Credit Analyst (Consumer Risk, Unsecured Lending Product)

Kowloon City District, Hong Kong SAR 2 weeks ago

Regional Receivables Product Manager, Payments - Vice President

Kowloon City District, Hong Kong SAR 5 hours ago

Kwun Tong District, Hong Kong SAR 3 months ago

Senior Associate, Payment Operations, Technology & Operations

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

1. Review and assess credit facility & trading limits applications.

2. Monitor the credit risks of margin financing portfolios, ensure margin control actions & procedures are performed in a timely manner.

3. Review and enhance margin financing business Risk Management Policy & Guideline.

4. Participating in HQ’s and Department’s reports preparation.

5. Participating in market risk identification, measurement and monitoring.

6. Carrying out other tasks assigned by management.

Requirements:

1. Bachelor’s degree or above, major in economics, finance, science and engineering and other related areas.

2. 3-5 years' working experience in risk management and credit control in securities firms, with keen interest in the equity and fixed income markets.

3. Clear logical thinking and strong data compilation and analysis capabilities.

4. Strong learning ability, serious work attitude, meticulous, and strong sense of responsibility.

5. Excellent presentation and communication skills.

6. Preference will be given to applicants who have passed CFA, FRM and/or other relevant qualifications.

We offer competitive remuneration packages to the successful candidates. Interested candidates may send us your detailed resume with current & expected salary and availability.

All information collected will be kept in strict confidence and will be used for recruitment purpose only.

Seniority level

• Seniority level Associate

Employment type

• Employment type Full-time

Job function

• Job function Finance
• Industries Investment Banking

Referrals increase your chances of interviewing at CCB International (Holdings) Limited by 2x

Get notified about new Risk Analyst jobs in Hong Kong, Hong Kong SAR .

AML Compliance Manager (Regional Oversight and Fraud Risk Governance) - Financial Crime Compliance Department Assistant Manager / Manager, Integrated Risk Analytics Investment firm - AI Business Analyst - HK$50K - 75K per month

Eastern District, Hong Kong SAR 3 days ago

Officer/Associate Manager, Financial Crime Risk Management (6 months/1 year contractor) Manager, Fraud Risk, Financial Crime Risk Management, FCC Business Analyst Finance Transformation (Top-tier Investment Bank) Intern, Quantitative Analyst (June to September) CBS - Quality and Risk Management – Regional Security Manager - Hong Kong Business Analyst Operations Change (Leading Investment Bank) Senior Manager/Manager, Technology and Operational Risk Senior Traded and Treasury Risk Manager (HK)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

1. Review and assess credit facility & trading limits applications.

2. Monitor the credit risks of margin financing portfolios, ensure margin control actions & procedures are performed in a timely manner.

3. Review and enhance margin financing business Risk Management Policy & Guideline.

4. Participating in HQ’s and Department’s reports preparation.

5. Participating in market risk identification, measurement and monitoring.

6. Carrying out other tasks assigned by management.

Requirements:

1. Bachelor’s degree or above, major in economics, finance, science and engineering and other related areas.

2. 3-5 years' working experience in risk management and credit control in securities firms, with keen interest in the equity and fixed income markets.

3. Clear logical thinking and strong data compilation and analysis capabilities.

4. Strong learning ability, serious work attitude, meticulous, and strong sense of responsibility.

5. Excellent presentation and communication skills.

6. Preference will be given to applicants who have passed CFA, FRM and/or other relevant qualifications.

We offer competitive remuneration packages to the successful candidates. Interested candidates may send us your detailed resume with current & expected salary and availability.

All information collected will be kept in strict confidence and will be used for recruitment purpose only.

Seniority level

• Seniority level Associate

Employment type

• Employment type Full-time

Job function

• Job function Finance
• Industries Investment Banking

Referrals increase your chances of interviewing at CCB International (Holdings) Limited by 2x

Get notified about new Risk Analyst jobs in Hong Kong, Hong Kong SAR .

AML Compliance Manager (Regional Oversight and Fraud Risk Governance) - Financial Crime Compliance Department Assistant Manager / Manager, Integrated Risk Analytics Investment firm - AI Business Analyst - HK$50K - 75K per month

Eastern District, Hong Kong SAR 3 days ago

Officer/Associate Manager, Financial Crime Risk Management (6 months/1 year contractor) Manager, Fraud Risk, Financial Crime Risk Management, FCC Business Analyst Finance Transformation (Top-tier Investment Bank) Intern, Quantitative Analyst (June to September) CBS - Quality and Risk Management – Regional Security Manager - Hong Kong Business Analyst Operations Change (Leading Investment Bank) Senior Manager/Manager, Technology and Operational Risk Senior Traded and Treasury Risk Manager (HK)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr