Jobs at Octopus Holdings Limited (Now Hiring) — 2 open

Job Responsibilities 

• Support continuous enhancements on product and solution risk assessment framework in accordance with the Guideline on Supervision of Stored Value Facility Licensees and other applicable HKMA requirements to empower risk assessment capabilities on innovation and emerging risk controls
• Provide second-line risk consultation for new product launches, significant enhancements, new payment flows, new technologies and strategic partnerships
• Independently assess, challenge and determine inherent and residual risk levels, control adequacy and mitigation completeness, including recommendations on risk acceptance
• Engage stakeholders from different departments (e.g. business owners, product, operations, technology teams) to ensure risks are appropriately identified, assessed and addressed prior to launch
• Monitor regulatory developments and emerging technology risks, articulate risk positions and regulatory considerations 
• Oversee post-implementation reviews and ensure timely remediation of control gaps
• Provide guidance and share knowledge with team members on technical knowledge relating to technical risks, including emerging technologies
• Support material preparations and participate in risk committees and senior governance forums
• Provide input to regulatory engagements, supervisory reviews and incident assessments

Job Requirements: 

• University Degree, Major in Information Technology, Information Systems, Computer Science, Cybersecurity or related discipline discipline
• At least 8 years of work experience in regulated financial institutions (banking, Stored Value Facility licensees preferred), payment institutions or FinTech companies 
• Demonstrated experience in leading security / risk control solutions design and development
• Demonstrated experience in working in disruptive and emerging technologies, such as cloud, AI-solutions, Web3 
• Experience in end-to-end payment product or solution implementation, including external integrations (e.g. payment gateways, vendors, service providers) is a definite advantage
• Sound understanding of application development life cycle (SDLC), technology risk concepts and security / control standards (e.g. OWASP, PCI, ISO)
• Familiarity with HKMA technology and operational risk supervisory requirements, such as TM-G-1, TM-E-1, TM-C-1, SA-1, SA-2 and OR-2
• Good understanding of risks associated with disruptive and emerging technologies, including cloud computing and artificial intelligence, and regulatory views on related risk controls expectations (e.g. HKMA Practice Guide on Cloud Adoption and High-level Principles on Artificial Intelligence)
• Relevant professional certifications (e.g. CISSP, CCNA)
• Strong ability to exercise independent professional judgment on risk severity, residual risk and mitigation effectiveness. 
• Excellent communication,  stakeholder management, organization and project management skills, with proven ability to engage and influence. 
• Understanding of technology and regulatory risks associated with emerging technologies such as AI or Web3
• Detail-minded with a structured and logical approach to work
• Able to manage multiple tasks and follow up actions effectively under guidance
• Able to work independently and collaboratively in a team environment
• Strong leadership, coaching and people management capability
• Structured, pragmatic and risk-conscious mindset. Ability to balance business growth, innovation and regulatory expectations
• Understanding of technology and regulatory risks associated with emerging technologies such as AI or Web3
   

We offer successful candidate an attractive remuneration package and excellent career prospects. Interested parties please send your resume, present and expected salary, contact details and quoting the reference number by clicking "Apply Now"

Visit our web site: http://www.octopus.com.hk/ [link removed]

The personal data collected will be used for recruitment purposes only. If you are not contacted by us within six weeks, you may consider your application unsuccessful. Personal data with an unsuccessful applicant will be destroyed 12 months after rejection of the application. During this retention period, you have the right to request for correction or destruction of your personal data at any time. Any request for the correction or destruction of personal data should be addressed in writing to our Human Resources & Administration Department.

Octopus is an equal opportunity employer and all employment decisions and Human Resources policies are administered; especially those relating to recruitment & selection, compensation & benefits, promotion & transfer, training & development and termination & redundancy; without discrimination on the basis of age, race, colour, religion, sex,national origin, marital status, pregnancy, physical and mental disability and family status but on genuine occupational qualification, job performance, employees’ ability and internal/ external relativities.

Octopus Holdings Limited

Born from Hong Kong's demand for fast, convenient, and reliable payment solutions, Octopus introduced the world's first contactless multi-modal transit payment system in 1997. Since then, this homegrown FinTech company has pioneered innovative payment solutions for urban living across four continents.

Our Vision

To become the most preferred payment and lifestyle companion that connects customers and business partners through our best-in-class products and services.

Our Mission

Making everyday life easier.

Our Values

Customer Centricity, Simplicity & Trustworthiness.

Dedicated to addressing customer needs and adapting to evolving market trends, Octopus has broadened its services beyond transportation to encompass retail, e-commerce, cross-border transactions, and travel abroad. Today, we serve approximately 98% of Hong Kong’s population, processing around 15 million transactions at more than HK$300 million on average daily.

At the heart of our success are our colleagues. We value mutual respect, foster collaboration, and encourage innovation and partnership. Join us and shape the future of payment solutions. Your impact starts here!