IT Risk Manager

We are seeking an experienced Technology Risk Manager with a proven track record in cybersecurity and IT risk management. The ideal candidate will have 10+ years of experience in managing IT risk frameworks, controls, and regulatory compliance, particularly within the Hong Kong governance landscape. This role will lead IT risk-related activities, including maintaining the IT risk register, conducting risk and control assessments, and managing security exemption processes. A strong understanding of technical security controls across infrastructure, applications, and identity/access management is essential.

Responsibilities of the Role:

• Lead IT risk and control assessments across infrastructure, applications, and private cloud environments.
• Develop, maintain, and continuously improve the IT risk register.
• Manage the IT security exemption process, ensuring proper documentation and risk evaluation.
• Act as the primary point of contact for internal and regulatory inquiries related to IT risk and security.
• Oversee security documentation, including policies, procedures, and assessment reports, ensuring accuracy and compliance.
• Provide oversight on the implementation of IT risk mitigation measures and escalate issues when necessary.
• Drive continuous improvement in IT risk governance and control practices.

Required Skills for the Role:

• Minimum 10 years of experience in IT risk management, cybersecurity, or related fields.
• Strong understanding of IT controls and risk frameworks (e.g., COBIT, NIST, ISO 27001).
• Familiarity with Hong Kong regulatory requirements and governance standards for IT security.
• Proven experience in conducting IT risk assessments and managing control processes.
• Excellent written and verbal communication skills in English.
• Strong analytical and critical thinking skills with attention to detail.
• Ability to manage multiple priorities and complex tasks effectively.
• Relevant certifications (e.g., CISM, CRISC, CISSP, ISO 27001 Lead Auditor) are highly desirable.