• Develop and ensure effectiveness of the IT Risk Management in terms of framework, governance, risk appetite, methodologies, policeis and processes
  • Support and conduct the identification and analysis of IT risks including the monitoring of potential emerging risks.
  • Work closely with business and function units to identify, assess and mitigate risks.
  • Partner stakeholders in risk assessments, establish risk strategies and develop appropriate risk mitigation plans and risk indicators
  • Develop analytics for risks and dashboards for risk monitoring and reporting, and provide meaningful insights. 
  • Drive risk awareness to foster a positive risk culture that will enable proactive management of risks and grow risk competencies across the organisation.
  • Provide advice to management and working groups on IT risks and associated risk issues.
  • Support Community Care sector's cybersecurity programme.  
  • Support IT security awareness programme   


  • IT/Engineering related discipline or equivalent experience- CISSP / CISM certifications or equivalent
  • At least 5 years of progressive work experience in Cyber Security or Information Security-
  • Strong knowledge of common cyber security management framework, such as ISO and NIST.
  • Familiar with IM8 a plus- Hands on understanding of the current cyber threat landscape, attack methodologies, and risk mitigation and remediation methods
  • Strong project management skills, experience in project planning, execution, tracking and progress reporting. 
  • Good presentation and communication skills
  • Experience with systems administration a plus.