Position Overview
The Security Architect is responsible for designing, enhancing, and governing the bank’s security architecture across applications, infrastructure, cloud, data, and emerging technologies. The role ensures that security controls are embedded into technology designs, aligned with HKMA regulatory requirements, and capable of supporting the bank’s long-term cyber resilience strategy. This position partners closely with IT, business units, project teams, and senior management to provide expert guidance on secure design and risk mitigation.
Key Responsibilities
Security Architecture Design & Governance
- Develop and maintain enterprise security architecture frameworks, reference architectures, and security design patterns.
- Define security principles, standards, and guardrails for applications, infrastructure, cloud, APIs, and data platforms.
- Review solution architectures, technical designs, and integration models to ensure alignment with security requirements.
- Provide expert guidance on secure network segmentation, identity architecture, encryption, key management, and zero trust principles.
- Ensure architecture decisions support scalability, resilience, and operational feasibility.
- Serve as the security architect for new projects, system enhancements, and technology initiatives.
- Conduct threat modelling, architecture risk assessments, and design reviews.
- Identify security gaps and recommend pragmatic, risk-based mitigation measures.
- Collaborate with project managers, developers, infrastructure teams, and vendors to embed security early in the lifecycle.
- Define cloud security architecture for IaaS, PaaS, SaaS, and hybrid environments.
- Guide secure adoption of containers, Kubernetes, CI/CD pipelines, and DevSecOps practices.
- Evaluate emerging technologies (AI/ML, APIs, microservices, mobile, fintech integrations) for security implications.
- Ensure secure configuration baselines, identity models, and monitoring capabilities for cloud workloads.
- Provide architectural oversight for key security technologies such as IAM, PAM, SIEM, SOAR, EDR, DLP, WAF, and network security platforms.
- Ensure security tools integrate effectively with enterprise systems and support detection, response, and governance needs.
- Recommend enhancements to monitoring, logging, and incident response capabilities.
- Support the definition of security requirements for vendor solutions and third-party integrations.
- Develop architecture documentation, security standards, and design guidelines.
- Present architecture decisions, risks, and recommendations to senior management and governance committees.
- Support regulatory inspections, internal audits, and external assessments.
- Act as a trusted advisor to IT and business stakeholders, promoting a secure-by-design culture.
Qualifications & Experience
- Bachelor’s degree in Information Security, Computer Science, or related field.
- 8–12+ years of experience in security architecture, solution architecture, or senior security engineering roles.
- Strong knowledge of application security, network security, cloud security, identity architecture, and data protection.
- Hands-on experience with cloud platforms (Azure, AWS), IAM/PAM, SIEM, EDR, WAF, and encryption technologies.
- Possession of relevant HKMA ECF Certifications in Cybersecurity.
Key Competencies
- Strategic thinker with strong technical depth.
- Ability to translate complex security concepts into clear, actionable guidance.
- Excellent communication and stakeholder management skills.
- Strong analytical, problem-solving, and decision-making capabilities.
- Proactive, collaborative, and committed to continuous improvement.