AVP, Information Security Senior Analyst

2 months ago


Hong Kong, Hong Kong SAR China Citi Full time
Job Description

The Information Security Senior Analyst is a senior level professional responsible for driving efforts to support governance, risk and compliance for CISO at Citi. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's cyber and information security policy and country regulatory related requirements. The role is part of the Cyber Governance, Control and Policy Team.

Responsibilities:
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Work closely with Global & Regional Information Security teams to improve processes and reduce risk, and support the IS regulatory related activities for both Hongkong and Macau
  • Prior successful Cyber Resilience Assessment Framework (C-RAF) delivery experience (Bank/Assessor/Regulator side) in a senior capacity is essential
  • Manage internal/external resources to organize cyber attack simulations and penetration testing, coordinating and overseeing vulnerability, mitigation/remediation/correction action plans, and issues management process
  • As a key member of the IS team, with significant exposure globally and regionally, the role holder must have a proven track record of delivering complex regulatory assessments and requirements
  • Accountable for delivery of the associated remediation from regulatory assessments
  • Proficiency in preparing periodic updates / reports / presentation deck for both internal stakeholders and regulators
  • Provide timely and appropriate updates to regional and global stakeholders; escalate issues in a timely manner to senior management
  • Build and develop partnerships with business, IT, risk, compliance, IS, senior management staff and stakeholders
  • Facilitate and lead cross-functional meetings, assist in developing analytics and reporting to track effectiveness of process and identify potential process improvements
  • Acts as IS/Cybersecurity SME to senior stakeholders and/or other team members.
Qualifications:
  • Minimum 5 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management / Third-party Risk Management or IT Audit, preferably with experience gained from banking / finance services industry / consultancy / control compliance or legal disciplines
  • Experience in assessing cyber regulatory compliance such as: HKMA C-RAF (IRA, MA and iCAST), TM-E-1, etc.
  • Experience and knowledge of TM-G-1, TM-G-2, OR-2, SA-2, SFC and Insurance Authority (GL20) is a plus
  • Relevant professional qualifications with Risk / Security management e.g. CISSP, CRISC, CISM, CISA, or equivalent
  • Strong understanding of International Standards/Frameworks such as: NIST, ISO 27001 series, COBIT, CIS, GDPR, DORA, etc.
  • Proficient in interpreting and applying policies, standards and procedures
  • Excellent project management and organizational skills. (PMP, PRINCE2, etc. is a plus)
  • Strong consultation, reporting writing and communication skills with highly proficiency in both spoken and written English
Education:
  • Bachelor's/University degree or equivalent experience in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline is preferred
  • One or more industry-recognized cybersecurity-related certifications under HKMA's Enhanced Competency Framework on Cybersecurity (such as CISSP, CISA, CISM, CRISC, ISO 27001) desired
  • Local language proficiency
------------------------------------------------------

Job Family Group:
Risk Management
------------------------------------------------------

Job Family:
Business Risk & Control
------------------------------------------------------

Time Type:
Full time
------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .

View the " EEO is the Law " poster. View the EEO is the Law Supplement .

View the EEO Policy Statement .

View the Pay Transparency Posting


  • Hong Kong, Central and Western District, Hong Kong SAR China Citi Full time

    Job SummaryThe Information Security Senior Analyst is a senior-level professional responsible for driving efforts to support governance, risk, and compliance for Citi. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's cyber and information security policy and country...


  • hong kong, Hong Kong SAR China Classy Wheeler Limited Full time

    • Reporting to the Information Security (IS) Manager, the Information Security Analyst (ISA) will perform: Vulnerability scanning and automated code testing operations. Threat assessment and patch management advisory operations. IT-related security incident containment and response. Management and implementation of IS initiatives. Risk assessment of new IT...


  • hong kong, Hong Kong SAR China Classy Wheeler Limited Full time

    Information Security Analyst (Public Enterprise) Client Description: Well-established public enterprise. Job Description: Perform technical advisory in assigned project area for ensuring identified information security risks are mitigated and controls are implemented. Coordinate and conduct IS assurance activities on application software and system to...


  • Hong Kong, Central and Western District, Hong Kong SAR China Global Executive Consultants Ltd. Full time

    Job Opportunity: Senior Information Security ManagerWe are seeking a highly skilled and experienced Senior Information Security Manager to join our team at Global Executive Consultants Ltd.About the Role:This is a senior-level position responsible for leading internal audit exercises with a focus on information security, conducting risk and control...


  • Hong Kong, Central and Western District, Hong Kong SAR China Classy Wheeler Limited Full time

    Job DescriptionA challenging opportunity has arisen for an experienced Senior Information Security Manager to join Classy Wheeler Limited as Chief IT Security Officer. The successful candidate will be responsible for leading the development and implementation of security policies, procedures, and practices to protect our global luxury retail corporation's...


  • Hong Kong, Central and Western District, Hong Kong SAR China Global Executive Consultants Ltd. Full time

    Job Title: Senior Information Security ManagerOverview: We are seeking a highly skilled and experienced Internal Audit Manager to spearhead the development of our information security team at Global Executive Consultants Ltd.Key Responsibilities:Assist in planning and implementing internal audit exercises with a focus on information security, ensuring robust...


  • Hong Kong, Hong Kong SAR China HARBRIDGE PARTNERS Full time

    AVP/ VP, Trade Surveillance & AML Monitoring and AML Training​ – Equities/ Securities AVP/ VP, Trade Surveillance & AML Monitoring and AML Training Location: Hong Kong   Main Duties and Responsibilities: Covering and manging the Training  function and a key Compliance member for  AML/CTF, Trade Surveillance/ Monitoring  and FATCA/CRS Provide...


  • Hong Kong, Central and Western District, Hong Kong SAR China Citi Full time

    Shape Your Career with CitiCiti's Global Legal Affairs and Compliance (GLAC) empowers and protects Citi by providing legal, compliance, investigative, and security services to our firm. We manage compliance risk, provide legal analysis and advice, protect Citi's people and businesses, advocate for legal and regulatory outcomes that benefit our firm and our...


  • hong kong, Hong Kong SAR China Classy Wheeler Limited Full time

    Lead / Senior Analyst / Senior Engineer - IT Security Administration - IC Client Description Well-known Public organization Job Description Lead - IT Security Administration Responsibilities Partner with SI and internal auditors to lead the establishment of access management, operations principals and practice for the new Oracle platform. Work with...


  • Hong Kong, Central and Western District, Hong Kong SAR China Manulife Full time

    Job Title: Cloud Security ArchitectThe ETS Asia Control Integrity team is responsible for security and compliance under the ETS Asia Umbrella. The team conducts security assessments for new technologies and projects, and performs assurance functions to ensure ETS complies with company and regulatory security requirements. As a Cloud Security Architect, you...


  • Hong Kong, Hong Kong SAR China Company 331 - Manulife Financial Asia Limited Full time

    Description The Opportunity The ETS Asia Control Integrity team is the security and compliance team under the ETS Asia Umbrella. The team performs security assessments for new technologies and new projects, in addition to performing an assurance function to ensure ETS comply with company and regulatory security requirements. The incumbent will be...


  • Hong Kong, Hong Kong SAR China Ellwood Consulting Full time

    Note : This opportunity requires fluent Mandarin speaker and is based of Hong Kong. IT Analyst : Key Responsibilities: Analyze business requirements and technical specifications to design and implement IT solutions. Collaborate with business stakeholders to understand their needs and translate them into technical requirements. Evaluate existing IT systems...


  • hong kong, Hong Kong SAR China Swing Consulting Ltd. Full time

    SW8682 | 05 Aug 2024 Information Security Specialist Responsibilities: Enhance security posture. Maintain and update security policy. Plan and design security architectures and implement different security solutions to safeguard network and system. Implement cybersecurity control mechanisms which are consistent with risk strategy. Analyse cybersecurity...


  • hong kong, Hong Kong SAR China Projob21.com Ltd. Full time

    Senior Information Technology Business Analyst Expansion North Asia Headcount Transformation & Project Management MNC, Fintech & Financial Institutions Our Client Representing various MNC and industry leaders of wealth management, fintech and financial institutions to search for Information Technology Business Analysts. Job Duties You will be responsible...


  • Hong Kong, Hong Kong SAR China Manulife Full time

    Job Description The Opportunity The ETS Asia Control Integrity team is the security and compliance team under the ETS Asia Umbrella. The team performs security assessments for new technologies and new projects, in addition to performing an assurance function to ensure ETS comply with company and regulatory security requirements. The incumbent will...


  • Hong Kong, Hong Kong SAR China DBS Bank (Hong Kong) Limited Full time

    Providing country feedback to the revisions to local and Group AML/CFT/Sanctions CDD standards and AML/CFT/Sanctions systems Monitoring remedial actions for the identified deficiency in AML risk controls that require remediation actions Preparing and facilitating risk & control self-assessment ("RCSA") and ensuring there are appropriate rectifications and...


  • Hong Kong, Hong Kong SAR China NLS Full time

      The role: Team Leadership: Lead and direct a team covering the firm's cybersecurity operations. Ensuring the development of information security architectures, strategies, roadmaps, standards and procedures (cloud and on-prem). Collaboration: Work closely with various IT departments to validate information security and robustness for IT infrastructure,...

  • Security Analyst

    4 months ago


    Hong Kong, Hong Kong SAR China MORS Full time

    Details Posted: 14-Aug-24 Location: Hong Kong, Type: Full Time Salary: Open Internal Number: Our client, a leading company in the cybersecurity industry, is seeking a highly skilled and experienced Security Analyst to join their dynamic team. This is an excellent opportunity for a professional with a minimum of 5 years of experience in...


  • Hong Kong, Central and Western District, Hong Kong SAR China IO TECH SOLUTIONS LIMITED Full time

    IO TECH SOLUTIONS LIMITED, a renowned firm in the Asia Pacific region with over 50 years of experience and a commitment to sustainable solutions, is seeking an Information Security Administrator in Hong Kong. This role involves document control, ensuring records are organized, up-to-date, and compliant.This position is based in our Yuen Long office and...


  • Hong Kong, Central and Western District, Hong Kong SAR China CHUBB Full time

    Job Summary:The Regional Information Security Specialist will be responsible for overseeing the information security program across assigned countries and business units. This role will involve driving security management outcomes, building a strong security-aware culture, and demonstrating support aligned to Chubb's Global Information Security...