For US-based job applicants - If you require assistance or accommodation in completing any aspect of the application process, please contact the Cathay Pacific Americas Talent Acquisition team at: jobs@cathaypacific.com

Going, going, gone...

Looks like this career opportunity is no longer available. We may have filled the position or it was taken down for other reasons. We know this isn’t what you were hoping for but we have great new opportunities opening all the time.

Start a new search now!

IT Risk Management Lead

  • IMT - Information Technology
  • Hong Kong Special Administrative Region of China
  • Cathay Pacific
  • Application Deadline
    30 Nov 2023
Role Introduction

Reports To: IT Risk Management Senior Lead

The role of a lead in IT Risk management is to Own, develop, maintain and assess the end to end process of IT risk management in the organisation. The role provides hands-on on assessing risks, advising mitigation steps, reporting and ensure that the risk posture is better with low exposure to risks. Must have excellent quantitative and analytical skills, along with the ability to apply those skills across a variety of business processes.

Key Responsibilities

  • Designing and implementing an overall risk management process for the organisation, which includes an analysis of the impact on the company when risks occur
  • Performing a risk assessment: Identifying potential risks and analysing risks that are affecting the company
  • Performing a risk evaluation: Evaluating the company’s previous handling of risks, and comparing potential risks with criteria set out by the company such as costs and legal requirements and also in consideration to current and implemented controls
  • Developing proposed responses, to include recommendations for corrective actions and mitigations
  • Performing risk response in consideration to cost of response to reduce risk within tolerance level, risk rating, feasibility and effectiveness of the response.
  • Establishing the level of risk the company are willing to take
  • Maintaining on-going risk monitoring with the risk owners for the latest development to the mitigation status and timelines.
  • Regular reporting to leadership in term of the latest IT Risk registration, review and closure.
  • Risk reporting tailored to the relevant audience. (Educating all level of risk owners about the most significant risks to the business; ensuring risk owners understand the risks that might affect their departments; ensuring individuals understand their own accountability for individual risks)
  • Building IT risk awareness amongst staff by providing support and training within the company
  • Work closely with extended teams in like security operations and assurances to provide necessary support in risk assessments and required guidance on mitigation
  • Own and maintain tools used for Risk Management 

  • Minimum 7 years’ solid working experience in the IT industry and at-least 3 years in Risk Management area
  • Lead small teams
  • Ability to make timely and efficient decisions.
  • Tertiary educations are desirable
  • Requirement of Security certificates like CRISC, CISSP is preferred
  • Collaborating with leadership to determine and document the organizations level of risk tolerance
  • Familiar with IT Risk management tools
  • Ability to make timely and efficient decisions.
  • Capturing, understanding, and explaining the risk to stakeholders across the organization
  • Risk report tailoring to the relevant audience
  • Excellent verbal and written communication skills across internal and external organizations.
  • Ability to prioritize and manage several projects or priorities simultaneously.
  • Strong interpersonal skills and the ability to interface with all levels
  • Make an active contribution on developing IT risk management
  • Promote Risk management within IT and BU
  • Provide support to all team members
  • Knowledge of project management practices and ITIL processes
  • Strong acumen in vendor management and stakeholders management
  • Practical Project Management experience on traditional waterfall and agile development life cycles
  • Strong problem solving and analytical skills
Personal & Application Information

Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our personal data policy and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. All related information will be kept in our file for up to 24 months. A copy of our Personal Information Collection Statement will be provided upon request by contacting our Data Protection Officer.

Apply now