Systems Security & Control Manager , Hong Kong

Employer: Hong Kong Interbank Clearing Ltd

Our Company is jointly owned by the Hong Kong Association of Banks and the Hong Kong Monetary Authority. We provide various services to banks and financial institutions covering interbank real-time fund transfer with payment vs. payment capability, debt securities clearing and settlement, and interbank cheque and electronic clearing and settlement. We are looking for suitable candidate to take up the following job position who will be reporting to the Deputy Head, IT Operations:

Systems Security & Control Manager


Responsibilities

Maintain appropriate computer and network access controls, data, and physical security to ensure no security exposure;
Establish and maintain security policies, guidelines and procedures;
Implement and operate different security tools/packages on various system platforms and network equipment;
Coordinate with all units to ensure their compliance with established security policies, standards and procedures;
Conduct periodic review of system, procedures and installations to detect security vulnerability;
Monitor the security logs on various systems platforms, applications and network equipment and report anomalies;

Maintain the company-wide Information Security Management System (“ISMS”) in compliance with the ISO27001 standard;
Provide training to staff members to promote information security awareness;
Liaise with external auditors for various audit exercises;
Devise and implement effective and secure fire-fighting facilities on all platforms and systems in support of emergency production incidents; and
Assure confidentiality and integrity of production systems

Requirements:
University education preferably in information technology or related discipline;
Over 10 years of experience in operating mission-critical and highly secured financial applications with in-depth exposure to system, network and application security, and production control methodologies;
Solid knowledge and experience in one or more of the following areas: (i) mainframe running z/OS with RACF; (ii) Unix / Linux / AIX systems; (iii) Windows systems; (iv) security equipment and software such as firewalls, routers, vulnerability scanning tools, intrusion prevention systems and intrusion detection systems; (v) the security of SWIFTNet services and SWIFT’s applications including SWIFTAlliance Access (“SAA”), SWIFTAlliance Gateway (“SAG”) and Hardware Security Module (“HSM”); (vi) digital certificates, Public Key Infrastructure (“PKI”) and cryptographic operations; and (vii) payment filtering systems;

Knowledge of the security practices and standards commonly adopted by the banking/financial industry and the ISO27001 standard;

Good presentation, inter-personal, communication and documentation skills; and


Exposure to computer audit or ethical hacking methodologies an advantage.

Attractive remuneration package will be offered to the selected candidate. Interested parties should send their curriculum vitae stating current and expected salaries, and contact phone number to the Head, Human Resources Department, Unit B, 25/F, MG Tower, 133 Hoi Bun Road, Kwun Tong, Kowloon, Hong Kong or by e-mail to hrm@hkicl.com.hk.


All applications will be treated in strict confidence and only be used for recruitment related purpose.