IT Risk Management Lead

Cathay Pacific

  • Tung Chung, Hong Kong
  • Permanent
  • Full-time
  • 13 days ago
Cathay Pacific Airways is an international airline registered and based in Hong Kong, flying to over 190 destinations around the world.We are proud of our home Hong Kong, where the company was founded in 1946. Our corporate headquarters are located at Hong Kong International Airport. We employ over 21,000 people worldwide.We are also a founding member of the oneworld global alliance whose combined network serves over 750 destinations worldwide.Reports to: IT Risk Management Senior LeadDepartment: Information Technology (IMT)Role IntroductionThe role of a lead in IT Risk management is to Own, develop, maintain and assess the end to end process of IT risk management in the organisation. The role provides hands-on on assessing risks, advising mitigation steps, reporting and ensure that the risk posture is better with low exposure to risks. Must have excellent quantitative and analytical skills, along with the ability to apply those skills across a variety of business processes.Key Responsibilities
  • Designing and implementing an overall risk management process for the organisation, which includes an analysis of the impact on the company when risks occur
  • Performing a risk assessment: Identifying potential risks and analysing risks that are affecting the company
  • Performing a risk evaluation: Evaluating the company’s previous handling of risks, and comparing potential risks with criteria set out by the company such as costs and legal requirements and also in consideration to current and implemented controls
  • Developing proposed responses, to include recommendations for corrective actions and mitigations
  • Performing risk response in consideration to cost of response to reduce risk within tolerance level, risk rating, feasibility and effectiveness of the response.
  • Establishing the level of risk the company are willing to take
  • Maintaining on-going risk monitoring with the risk owners for the latest development to the mitigation status and timelines.
  • Regular reporting to leadership in term of the latest IT Risk registration, review and closure.
  • Risk reporting tailored to the relevant audience. (Educating all level of risk owners about the most significant risks to the business; ensuring risk owners understand the risks that might affect their departments; ensuring individuals understand their own accountability for individual risks)
  • Building IT risk awareness amongst staff by providing support and training within the company
  • Work closely with extended teams in like security operations and assurances to provide necessary support in risk assessments and required guidance on mitigation
  • Own and maintain tools used for Risk Management
Requirements
  • Minimum 7 years’ solid working experience in the IT industry and at-least 3 years in Risk Management area
  • Lead small teams
  • Ability to make timely and efficient decisions.
  • Tertiary educations are desirable
  • Requirement of Security certificates like CRISC, CISSP is preferred
  • Collaborating with leadership to determine and document the organizations level of risk tolerance
  • Familiar with IT Risk management tools
  • Ability to make timely and efficient decisions.
  • Capturing, understanding, and explaining the risk to stakeholders across the organization
  • Risk report tailoring to the relevant audience
  • Excellent verbal and written communication skills across internal and external organizations.
  • Ability to prioritize and manage several projects or priorities simultaneously.
  • Strong interpersonal skills and the ability to interface with all levels
  • Make an active contribution on developing IT risk management
  • Promote Risk management within IT and BU
  • Provide support to all team members
  • Knowledge of project management practices and ITIL processes
  • Strong acumen in vendor management and stakeholders management
  • Practical Project Management experience on traditional waterfall and agile development life cycles
  • Strong problem solving and analytical skills
Application Deadline: 30 Apr 2024Personal & Application InformationCathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our personal data policy and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. All related information will be kept in our file for up to 24 months. A copy of our Personal Information Collection Statement will be provided upon request by contacting our Data Protection Officer.

CTgoodjobs

Similar Jobs

  • IT Specialist - Cybersecurity

    Hong Kong Air Cargo Terminals Limited (Hactl)

    • Chek Lap Kok, Hong Kong
    Hong Kong Air Cargo Terminals Limited (Hactl) is one of the world’s leading air cargo terminals. We operate SuperTerminal 1, a world class facility to provide excellent and highly …
    • 3 days ago