Regional Cyber Risk and Controls Manager – VP
2 weeks ago
Regional Cyber Risk and Controls Manager – VP
Regional Cyber Risk and Controls Manager – VPApply locations Hong Kong, China time type Full time posted on Posted 4 Days Ago time left to apply End Date: July 31, 2025 (30+ days left to apply) job requisition id R-770367
We are seeking a highly skilled and experienced cybersecurity professional to join our team as a Vice President (VP) level Cybersecurity Risk and Controls Manager. In this role, you will be responsible for managing risk for APAC region and be SME in multiple domain including Identity and Access, Network security, Data security, Third Party Risk and Cyber Incident Management. You will be representing APAC at global governance forums and provide cybersecurity expertise and insights to key stakeholders within the region. You will also be overseeing State Street entities and our Joint Ventures in the region, analyzing cyber risk, meeting Regional regulatory requirements and assessing key metrics to drive continuous uplift and risk mitigation. You will be collaborating with Security Operations Centers (SOC) to respond to security incidents, identifying and supporting simulation exercises, implementing containment measures in response to audit findings or self-identified issues, supporting vulnerability discoveries through rigorous testing and participating in specialized projects.
Job Description
- Measure and Report Risk: Assess and report risk posture for APAC region, including countries risk committees and legal entities utilizing our existing frameworks, metrics, key updates, projects, incidents etc.
- Global Governance Meetings: Attend and present at global governance forum meetings to represent regional interests. Build relationship with senior leadership to shape the organization's cybersecurity strategy, align it with corporate goals, and ensure compliance with relevant regulations and standards.
- Regulatory: Have direct and relevance experience in working with Regional regulators (MAS, HKMA, APRA, JFSA, NFRA etc.) and deep understanding of individual regulatory requirements to ensure compliance. Representing the bank at various Regulatory forums and working groups.
- Analyze Metrics and Drive Improvement: Identify and implement metrics and key risk indicators (KRIs) to measure the effectiveness of cybersecurity controls, incident response capabilities, and vulnerability management processes. Analyze data and drive continuous improvement initiatives to align with corporate standards and industry best practices.
- Trusted Advisor: Build strong relationship with key stakeholders regionally and globally (Business, Technology, Cyber, Risk, Audit etc.) and collaborate with control owners to ensure regional requirements are met, both from Regulatory and risk management perspective.
- Joint Ventures in APAC: Oversee cybersecurity aspects of joint ventures. Collaborate with internal and external stakeholders to ensure the alignment of cybersecurity controls, incident response procedures, and metrics monitoring governance process aligned to the enterprise.
- Security Incident Response: Collaborate with the global SOC team to promptly respond to security incidents, investigate root causes, and develop effective remediation strategies. Act as a subject matter expert in cyber incident response, ensuring timely and accurate communication with key stakeholders. Working seamlessly with 2LoD, Compliance to ensure any Regulatory needs are catered for.
- Cyber Simulation Exercises: Identify and support cyber simulation exercises to assess the effectiveness of our cybersecurity controls and incident response capabilities across the APAC region. Coordinate with internal teams, global stakeholders and external vendors to conduct realistic exercises that simulate real-world cyber threats and evaluate the organization's readiness to handle such incidents.
- Audit and Self-Identified Issues: Take ownership of containment measures and remediation plans in response to internal and external audits, as well as self-identified security issues. Work closely with cross-functional teams to identify vulnerabilities, implement necessary controls, and ensure compliance with relevant regulations and standards.
- Vulnerability Management: Drive continuous improvement by working closely with vulnerability teams who analyse systems, applications, and infrastructure. Collaborate with IT teams to prioritize and remediate vulnerabilities in a timely manner. Ensure accurate metrics for vulnerability scanning, penetration testing, patch management, code scans etc.
- Specialized Projects: Participated in specialized cybersecurity projects such as the implementation of advanced threat detections systems, development of secure software development life cycle (SDLC), enhancement of data loss prevention (DLP) rules. Provide matter expertise and guidance throughout APAC Data Centre migration and workforce integration involved with joint ventures.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.
- Two or more Professional Certifications required (e.g. CISA, CISM, CISSP, CRISC, CCSK, AWS, Azure)
- Minimum of 10 years of experience in cybersecurity, with deep technical understanding of two or more domains – Identity and Access Management, Data Protection, Network security, System Security, Application Security, Cloud Security, Security Operations (e.g. Incident Management)
- Strong understanding of cybersecurity frameworks, standards, and best practices.
- Working knowledge of Technology regulatory frameworks within the Region (MAS TRMG, HK CRAF, APRA CPS 234 etc.)
- Proficiency in assisting with cybersecurity incident response and investigations.
- Experience in developing and conducting cyber simulation exercises.
- In-depth knowledge of vulnerability management processes, tools, and techniques.
- Familiarity with security auditing, risk assessment, and compliance frameworks.
- Strong understanding of network security, firewalls, IDS/IPS, SIEM, and other security technologies.
- Demonstrated leadership skills, with the ability to work independently and collaborate effectively with cross-functional teams and senior management.
- Ability to interface with key stakeholders and operate at various levels of seniority as an individual contributor and/or Manager.
- Excellent written and verbal communication skills, with the ability to articulate complex cybersecurity issues to both technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities, with a focus on driving continuous improvement and innovation.
-
Regional Cyber Risk and Controls Leader
2 weeks ago
Hong Kong Island, Hong Kong SAR China STATE STREET CORPORATION Full timeSTATE STREET CORPORATION is seeking a highly skilled cybersecurity professional to join its team as a Vice President (VP) level Cybersecurity Risk and Controls Manager. In this role, you will be responsible for managing risk across the APAC region.Main ResponsibilitiesRisk Assessment and Reporting: Assess and report on the risk posture of the APAC region,...
-
Cybersecurity Risk Manager
2 weeks ago
Hong Kong Island, Hong Kong SAR China STATE STREET CORPORATION Full timeWe are looking for an experienced cybersecurity professional to fill the position of Vice President (VP) level Cybersecurity Risk and Controls Manager in our APAC region. This role involves managing risk, driving continuous improvement, and ensuring regulatory compliance.ResponsibilitiesCyber Risk Management: Develop and implement strategies to manage cyber...
-
Cyber Risk Manager
6 days ago
Hong Kong Island, Hong Kong SAR China ZA Full timeJob DescriptionWe are seeking a highly skilled Cyber Risk Manager to join our team at ZA. As a key member of our IT department, you will be responsible for maintaining corporate-wide technology risk management and cyber resilience policy and process in compliance with the regulator's requirements.Maintain and update technology risk management and cyber...
-
APAC Cyber Security Director
2 weeks ago
Hong Kong Island, Hong Kong SAR China STATE STREET CORPORATION Full timeThis Vice President (VP) level Cybersecurity Risk and Controls Manager position requires a seasoned cybersecurity professional with expertise in risk management, security governance, and regulatory compliance. The successful candidate will lead efforts to develop and implement effective cybersecurity strategies, drive continuous improvement, and ensure...
-
Cyber Security Risk Management Specialist
1 week ago
Hong Kong Island, Hong Kong SAR China Control Risks Full timeJob DescriptionWe are seeking an experienced Cyber Security Risk Management Specialist to join our team in Hong Kong. The ideal candidate will have a strong background in cyber security and risk management, with experience working with clients in the Asia Pacific region.The successful candidate will be responsible for leading cyber security advisory...
-
VP of Trading Risk Control
2 weeks ago
Hong Kong, Central and Western District, Hong Kong SAR China Hyphen Connect Full timeWe are looking to hire for one of our ecosystem projects. Our client, a leading digital assets ecosystem globally, is in search of an experienced VP of Trading Risk Control. In this role, you will: Lead the trading risk control team, creating and executing comprehensive risk management strategies. Design and refine risk monitoring systems for real-time...
-
Operational, Technology and Cyber Risk
2 days ago
kwai chung, tsuen wan, hong kong, Hong Kong SAR China Standard Chartered Life and Careers Full timeOperational, Technology and Cyber Risk (OTCR) OfficerArea of interest: Audit, Accounting & FinanceUphold the integrity of operational risk, ensuring that operational risks are properly assessed, and that risk/return and cost/benefit decisions are made transparently based on proper assessment.Provide practical implementation guidance on Operational Risk (OR)...
-
Comprehensive Cyber Risk Manager
1 week ago
Hong Kong Island, Hong Kong SAR China Tek Systems Full timeTek Systems is seeking a highly motivated and experienced Comprehensive Cyber Risk Manager to join our team. As a Comprehensive Cyber Risk Manager, you will be responsible for identifying, assessing, and mitigating cyber risks across our organization.The ideal candidate will have a strong background in risk management, cybersecurity, and business continuity....
-
Operational, technology and cyber risk
2 weeks ago
kwai chung, tsuen wan, hong kong, Hong Kong SAR China Standard Chartered Life And Careers Full timeOperational, Technology and Cyber Risk (OTCR) Officer Area of interest: Audit, Accounting & Finance Uphold the integrity of operational risk, ensuring that operational risks are properly assessed, and that risk/return and cost/benefit decisions are made transparently based on proper assessment. Provide practical implementation guidance on Operational Risk...
-
Assistant Cyber Risk
2 weeks ago
Hong Kong Island, Hong Kong SAR China Retail Technology Asia Full timeAssistant Cyber Risk & Compliance Manager4 days ago Be among the first 25 applicantsRetail Technology Asia (RTA) is a cloud-based digital retail service company headquartered in Hong Kong. We have world-leading SaaS technology. We are looking for a professional Cyber Risk and Compliance specialist to join our Cyber Security team and govern our cybersecurity...
-
Senior Cyber Advisor
1 week ago
Hong Kong Island, Hong Kong SAR China Control Risks Full timeJob OverviewWe are seeking an experienced Senior Cyber Advisor to join our team in Hong Kong. The ideal candidate will have a strong background in cyber security and risk management, with experience working with clients in the Asia Pacific region.The successful candidate will be responsible for providing strategic advice to clients on cyber security matters,...
-
Tech Risk Manager for Cyber Security
7 days ago
Hong Kong, Central and Western District, Hong Kong SAR China PrimePeak Group Full timeCompany Overview:PrimePeak Group is a Hong Kong conglomerate seeking an experienced Senior Manager / Director for Tech Risk / Cyber Security.Job Description:Develop and execute strategy to assess technology risks, IT governance, cybersecurity, and IT compliance.Lead risk-based assessments, ensuring compliance with MAS, GDPR, ISO 27001, NIST, and other...
-
Cyber Security Risk Management Professional
5 days ago
Hong Kong Island, Hong Kong SAR China Henderson Land Development Company Limited Full timeThe Henderson Land Development Company Limited is seeking a skilled Cyber Security Risk Management Professional to join our team. In this role, you will be responsible for improving our cyber security defences, preparing for potential attacks, and developing incident response plans.You will support ad-hoc security and risk analyses, prepare incident reports...
-
cyber security and risk analyst
5 days ago
Hong Kong Island, Hong Kong SAR China Henderson Land Development Company Limited Full timeCYBER SECURITY AND RISK ANALYST / CYBER SECURITY ENGINEERResponsibilities:Improve cyber security defence, attack preparedness, incident response readiness, recovery procedures and contingency plan.Support ad-hoc security and risk analyses and prepare incident reports for critical incidents to management.Assist in regular cyber-attack simulation exercises and...
-
VP of Risk and Compliance Oversight
1 week ago
Hong Kong Island, Hong Kong SAR China Projob21 Ltd. Full timeJob Overview:We are seeking a VP of Risk and Compliance Oversight to lead our compliance and risk control functions in Greater China. The successful candidate will have extensive experience in HKMA regulatory, compliance monitoring, and risk control, as well as strong leadership and communication skills.Key Responsibilities:Develop and implement risk-based...
-
Cyber Security Risk Management Professional
5 days ago
Hong Kong, Central and Western District, Hong Kong SAR China Henderson Land Development Company Limited Full timeAbout the RoleWe are seeking a highly skilled Cyber Security and Risk Analyst to join our team at Henderson Land Development Company Limited.Job DescriptionDevelop and implement effective cyber security strategies to improve our organisation's defence, attack preparedness, incident response readiness, recovery procedures, and contingency planning.Support...
-
Tech Risk and Cyber Security Executive
2 weeks ago
Hong Kong, Central and Western District, Hong Kong SAR China PrimePeak Group Full timeJob TitleMNC - Tech Risk / Cyber Security - Senior Manager / DirectorJob DescriptionPrimePeak Group is seeking an experienced Senior Manager / Director for Tech Risk / Cyber Security.This role is critical in ensuring our company's IT infrastructure, cybersecurity frameworks, and digital transformation initiatives are aligned with regulatory standards and...
-
Manager, Technology Risk
6 days ago
Hong Kong Island, Hong Kong SAR China ZA Full timeResponsibilitiesMaintain corporate-wide technology risk management and cyber resilience policy and process in compliance with the regulator's requirements;As a second line of defense, assist risk owners in identifying and measuring risks to build a corporate-wide cyber and technology risks profile;Assist senior management in overseeing cyber and technology...
-
Risk Management Expert
6 days ago
Hong Kong Island, Hong Kong SAR China ZA Full timeAbout UsZA is a leading financial institution with a strong commitment to technology risk management and cyber resilience. We strive to maintain the highest standards of security and governance, and we're looking for talented professionals to join our team.We offer a dynamic and challenging work environment that fosters growth and development. If you're...
-
Cyber Risk Manager
2 weeks ago
Hong Kong Island, Hong Kong SAR China Retail Technology Asia Full timeJob DescriptionWe are seeking a highly skilled Cyber Risk Manager to join our team at Retail Technology Asia. The ideal candidate will have extensive experience in information security governance, risk management, and compliance.The successful candidate will be responsible for developing and maintaining security policies, standards, and procedures, as well...
