AVP, Information Security Senior Analyst
4 weeks ago
The Information Security Senior Analyst is a senior level professional responsible for driving efforts to support governance, risk and compliance for CISO at Citi. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's cyber and information security policy and country regulatory related requirements. The role is part of the Cyber Governance, Control and Policy Team.
Responsibilities:
- Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
- Work closely with Global & Regional Information Security teams to improve processes and reduce risk, and support the IS regulatory related activities for both Hongkong and Macau
- Prior successful Cyber Resilience Assessment Framework (C-RAF) delivery experience (Bank/Assessor/Regulator side) in a senior capacity is essential
- Manage internal/external resources to organize cyber attack simulations and penetration testing, coordinating and overseeing vulnerability, mitigation/remediation/correction action plans, and issues management process
- As a key member of the IS team, with significant exposure globally and regionally, the role holder must have a proven track record of delivering complex regulatory assessments and requirements
- Accountable for delivery of the associated remediation from regulatory assessments
- Proficiency in preparing periodic updates / reports / presentation deck for both internal stakeholders and regulators
- Provide timely and appropriate updates to regional and global stakeholders; escalate issues in a timely manner to senior management
- Build and develop partnerships with business, IT, risk, compliance, IS, senior management staff and stakeholders
- Facilitate and lead cross-functional meetings, assist in developing analytics and reporting to track effectiveness of process and identify potential process improvements
- Acts as IS/Cybersecurity SME to senior stakeholders and/or other team members.
- Minimum 5 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management / Third-party Risk Management or IT Audit, preferably with experience gained from banking / finance services industry / consultancy / control compliance or legal disciplines
- Experience in assessing cyber regulatory compliance such as: HKMA C-RAF (IRA, MA and iCAST), TM-E-1, etc.
- Experience and knowledge of TM-G-1, TM-G-2, OR-2, SA-2, SFC and Insurance Authority (GL20) is a plus
- Relevant professional qualifications with Risk / Security management e.g. CISSP, CRISC, CISM, CISA, or equivalent
- Strong understanding of International Standards/Frameworks such as: NIST, ISO 27001 series, COBIT, CIS, GDPR, DORA, etc.
- Proficient in interpreting and applying policies, standards and procedures
- Excellent project management and organizational skills. (PMP, PRINCE2, etc. is a plus)
- Strong consultation, reporting writing and communication skills with highly proficiency in both spoken and written English
- Bachelor's/University degree or equivalent experience in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline is preferred
- One or more industry-recognized cybersecurity-related certifications under HKMA's Enhanced Competency Framework on Cybersecurity (such as CISSP, CISA, CISM, CRISC, ISO 27001) desired
- Local language proficiency
Job Family Group:
Risk Management
------------------------------------------------------
Job Family:
Business Risk & Control
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .
View the " EEO is the Law " poster. View the EEO is the Law Supplement .
View the EEO Policy Statement .
View the Pay Transparency Posting
-
Information Security Senior Analyst
3 days ago
Hong Kong, Central and Western District, Hong Kong SAR China Citi Full timeJob SummaryThe Information Security Senior Analyst is a senior-level professional responsible for driving efforts to support governance, risk, and compliance for Citi. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's cyber and information security policy and country...
-
Information Security Analyst
2 months ago
hong kong, Hong Kong SAR China Classy Wheeler Limited Full time• Reporting to the Information Security (IS) Manager, the Information Security Analyst (ISA) will perform: Vulnerability scanning and automated code testing operations. Threat assessment and patch management advisory operations. IT-related security incident containment and response. Management and implementation of IS initiatives. Risk assessment of new IT...
-
Information Security Analyst
2 months ago
hong kong, Hong Kong SAR China Classy Wheeler Limited Full timeInformation Security Analyst (Public Enterprise) Client Description: Well-established public enterprise. Job Description: Perform technical advisory in assigned project area for ensuring identified information security risks are mitigated and controls are implemented. Coordinate and conduct IS assurance activities on application software and system to...
-
Senior Information Security Manager
3 days ago
Hong Kong, Central and Western District, Hong Kong SAR China Global Executive Consultants Ltd. Full timeJob Opportunity: Senior Information Security ManagerWe are seeking a highly skilled and experienced Senior Information Security Manager to join our team at Global Executive Consultants Ltd.About the Role:This is a senior-level position responsible for leading internal audit exercises with a focus on information security, conducting risk and control...
-
Senior Cyber Security Analyst
4 weeks ago
Hong Kong, Central and Western District, Hong Kong SAR China Citi Full timeJob SummaryThe Information Security Senior Analyst is a senior-level professional responsible for driving efforts to support governance, risk, and compliance for CISO at Citi. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's cyber and information security policy and...
-
AML Compliance –AVP/VP Equities/ Securities
2 weeks ago
Hong Kong, Hong Kong SAR China HARBRIDGE PARTNERS Full timeAVP/ VP, Trade Surveillance & AML Monitoring and AML Training – Equities/ Securities AVP/ VP, Trade Surveillance & AML Monitoring and AML Training Location: Hong Kong Main Duties and Responsibilities: Covering and manging the Training function and a key Compliance member for AML/CTF, Trade Surveillance/ Monitoring and FATCA/CRS Provide...
-
Compliance Risk Analyst
3 days ago
Hong Kong, Central and Western District, Hong Kong SAR China Citi Full timeShape Your Career with CitiCiti's Global Legal Affairs and Compliance (GLAC) empowers and protects Citi by providing legal, compliance, investigative, and security services to our firm. We manage compliance risk, provide legal analysis and advice, protect Citi's people and businesses, advocate for legal and regulatory outcomes that benefit our firm and our...
-
hong kong, Hong Kong SAR China Classy Wheeler Limited Full timeLead / Senior Analyst / Senior Engineer - IT Security Administration - IC Client Description Well-known Public organization Job Description Lead - IT Security Administration Responsibilities Partner with SI and internal auditors to lead the establishment of access management, operations principals and practice for the new Oracle platform. Work with...
-
Hong Kong, Hong Kong SAR China Company 331 - Manulife Financial Asia Limited Full timeDescription The Opportunity The ETS Asia Control Integrity team is the security and compliance team under the ETS Asia Umbrella. The team performs security assessments for new technologies and new projects, in addition to performing an assurance function to ensure ETS comply with company and regulatory security requirements. The incumbent will be...
-
Cloud Security Architect
3 days ago
Hong Kong, Central and Western District, Hong Kong SAR China Manulife Full timeJob Title: Cloud Security ArchitectThe ETS Asia Control Integrity team is responsible for security and compliance under the ETS Asia Umbrella. The team conducts security assessments for new technologies and projects, and performs assurance functions to ensure ETS complies with company and regulatory security requirements. As a Cloud Security Architect, you...
-
Information Security Specialist
4 weeks ago
Hong Kong, Central and Western District, Hong Kong SAR China AIA Full timeAbout the RoleAs a key member of AIA's team, you will be responsible for ensuring the security and integrity of our information systems and cyber environment.Duties/AccountabilitiesAssist in information security and cyber security risk assessment on security initiatives, compliance, and improvements.Evaluate and assist the deployment of security-related...
-
Information Technology Analyst
3 months ago
Hong Kong, Hong Kong SAR China Ellwood Consulting Full timeNote : This opportunity requires fluent Mandarin speaker and is based of Hong Kong. IT Analyst : Key Responsibilities: Analyze business requirements and technical specifications to design and implement IT solutions. Collaborate with business stakeholders to understand their needs and translate them into technical requirements. Evaluate existing IT systems...
-
Information Security Specialist
2 months ago
hong kong, Hong Kong SAR China Swing Consulting Ltd. Full timeSW8682 | 05 Aug 2024 Information Security Specialist Responsibilities: Enhance security posture. Maintain and update security policy. Plan and design security architectures and implement different security solutions to safeguard network and system. Implement cybersecurity control mechanisms which are consistent with risk strategy. Analyse cybersecurity...
-
Senior Information Technology Business Analyst
2 months ago
hong kong, Hong Kong SAR China Projob21.com Ltd. Full timeSenior Information Technology Business Analyst Expansion North Asia Headcount Transformation & Project Management MNC, Fintech & Financial Institutions Our Client Representing various MNC and industry leaders of wealth management, fintech and financial institutions to search for Information Technology Business Analysts. Job Duties You will be responsible...
-
Hong Kong, Hong Kong SAR China Manulife Full timeJob Description The Opportunity The ETS Asia Control Integrity team is the security and compliance team under the ETS Asia Umbrella. The team performs security assessments for new technologies and new projects, in addition to performing an assurance function to ensure ETS comply with company and regulatory security requirements. The incumbent will...
-
Information Security Manager
4 weeks ago
Hong Kong, Central and Western District, Hong Kong SAR China Shangri-La Full timeWe are seeking a highly skilled Information Security Manager to lead our enterprise-wide information security function.The ideal candidate will have a Bachelor's degree in a relevant discipline and at least 6 years of experience in managing information security for a sizable company.Key responsibilities include:Developing and implementing enterprise-level...
-
Information Security Architect
2 months ago
Hong Kong, Hong Kong SAR China NLS Full timeThe role: Team Leadership: Lead and direct a team covering the firm's cybersecurity operations. Ensuring the development of information security architectures, strategies, roadmaps, standards and procedures (cloud and on-prem). Collaboration: Work closely with various IT departments to validate information security and robustness for IT infrastructure,...
-
Security Analyst
3 months ago
Hong Kong, Hong Kong SAR China MORS Full timeDetails Posted: 14-Aug-24 Location: Hong Kong, Type: Full Time Salary: Open Internal Number: Our client, a leading company in the cybersecurity industry, is seeking a highly skilled and experienced Security Analyst to join their dynamic team. This is an excellent opportunity for a professional with a minimum of 5 years of experience in...
-
Information Security Administrator
3 days ago
Hong Kong, Central and Western District, Hong Kong SAR China IO TECH SOLUTIONS LIMITED Full timeIO TECH SOLUTIONS LIMITED, a renowned firm in the Asia Pacific region with over 50 years of experience and a commitment to sustainable solutions, is seeking an Information Security Administrator in Hong Kong. This role involves document control, ensuring records are organized, up-to-date, and compliant.This position is based in our Yuen Long office and...
-
Regional Information Security Specialist
3 weeks ago
Hong Kong, Central and Western District, Hong Kong SAR China CHUBB Full timeJob Summary:The Regional Information Security Specialist will be responsible for overseeing the information security program across assigned countries and business units. This role will involve driving security management outcomes, building a strong security-aware culture, and demonstrating support aligned to Chubb's Global Information Security...
