「科技風險管理經理」的相似工作

我們是一支結合 【創意與數據】 的跨域團隊， 專注於 SEO、網站行銷策略、文案企劃與網站分析，並結合軟體工程專業， 為客戶提供量身打造的行銷與技術整合服務。 在開放、扁平、友善的文化中，我們重視專業與品質，也相信數據與創意能改變未來， 誠摯邀請你加入這個一起成長的團隊！ _____________________________________________________________________________________________ <工作內容> ※ 日常工作（Routine）： 1. 提供 IT 支援與疑難排解（PC、網路、作業系統、軟體） 2. 管理 IT 資產與設定（作業系統、應用程式、硬體） 3. 產品與系統運維（環境建置、部署、監控、告警排除） ※ 專案任務（Project-based）： 1. 建置與優化 CI/CD 流程（GitLab CI） 2. 推動資訊安全管理與稽核流程 3. 雲端與容器化基礎設施維運（VM / Docker / 虛擬機） ※ 橫向合作： 1. 協助開發團隊進行系統部署與自動化建置 2. 與管理層溝通，撰寫 IT 作業與安全政策文件 3. 擔任團隊內部的 IT 支援角色，提升整體運營效率 <必要條件> 1. 2 年以上 IT 支援或系統管理相關經驗 2. 擅長至少一種程式語言（Python 佳） 3. 熟悉網路連線與設備管理 4. 擅長流程化與自動化實作 5. 良好的團隊合作能力，能提供夥伴技術支持 <加分條件> 1. 具備雲端平台、容器架構（如 Docker）經驗 2. 熟悉監控與日誌系統（如 Prometheus、Grafana、EFK） 3. 熟悉 Git 與版本控制工具 4. 有 DevOps 相關工具實作經驗

負責銀行 / 保經代通路系統之資料傳輸需求分析與流程規劃，涵蓋傳輸規格溝通、問題釐清、需求提出及測試作業。  1.需求撰寫、需求確認書討論及確認，並視需求進行跨部門協調溝通。  2.測試計畫撰寫、測試作業執行，如期上線並確保系統傳輸資訊正確性。  3.待開發之系統需求蒐集、彙整。  4.提供新系統上線前user通知及訓練。 上述相關作業範圍包括新商品上線、專案相關系統調整執行、以及一般性的系統優化。

•協助專案經理規劃與協調專案範疇，並追蹤進度與資源運用 •參與專案會議，掌握進度、評估執行情況並提出建議 •管理專案相關行政事務與資源排程 •策劃與執行專案活動，促進跨部門協作

為確保您的申請能順利進入甄選流程，本職缺僅受理透過 安達人壽官網 投遞的履歷。請點擊以下連結完成申請：https://reurl.cc/EQeRNR （提醒您：若僅於 104 投遞履歷，將不會進入審核流程） ★使用小提醒： • 104 網頁版：請直接複製上方連結至瀏覽器，即可查看職務說明(JD)與投遞履歷。 • 104 App版：請滑至下方「聯絡方式」>「其他」欄位，複製該處連結至瀏覽器，即可查看職務說明(JD)與投遞履歷。 • 官網語言切換：您可於職缺頁面右上角選擇「繁體中文」，方便瀏覽。 ★進一步了解安達人壽 • [開箱影片] 走進我們的辦公室，認識工作環境、福利與文化 https://youtu.be/VEugiQZAcjc • [官方 Podcast] 探索我們如何打造支持成長與創新的職場 https://reurl.cc/ekd7XW

We are seeking a highly skilled and experienced Cybersecurity Project Supervisor to lead and oversee our cybersecurity compliance and improvement projects. The successful candidate will be responsible for planning and maintaining cybersecurity assurance, conducting audits, monitoring systems to prevent potential security risks, and managing and tracking cybersecurity incidents, events, and vulnerabilities. This role requires strong project management skills and the ability to work collaboratively with cross-functional teams to ensure the highest levels of cybersecurity across the organization. Key Responsibilities: 1. Cybersecurity Compliance: - Develop and implement comprehensive cybersecurity policies and procedures. - Conduct regular cybersecurity compliance audits to ensure adherence to industry standards and regulatory requirements (e.g., ISO 27001, NIST, GDPR). - Document findings from audits, prepare detailed reports, and recommend corrective actions. - Monitor compliance with cybersecurity policies and procedures to prevent potential security breaches. - Provide training and awareness programs to employees on cybersecurity compliance requirements. 2. Cybersecurity Enhancement and Improvement: - Plan and execute cybersecurity enhancement and improvement projects. - Conduct risk assessments to identify potential security risks and vulnerabilities. - Develop and implement plans to mitigate identified risks and vulnerabilities. - Stay current with the latest cybersecurity trends, threats, and technologies to continuously improve cybersecurity measures. 3. Cybersecurity Assurance: - Plan and maintain cybersecurity assurance activities, including auditing and monitoring. - Evaluate the effectiveness of existing security controls and identify areas for improvement. - Perform regular security assessments and penetration tests to identify weaknesses and vulnerabilities. - Ensure that cybersecurity measures comply with legal and regulatory requirements. 4. Incident Management: - Manage and track cybersecurity incidents and events, ensuring timely resolution. - Develop and implement incident response plans to address and mitigate cybersecurity incidents. - Maintain detailed records of cybersecurity incidents and breaches, including root cause analysis and lessons learned. - Coordinate with external cybersecurity experts and organizations as needed to respond to and resolve incidents. 5. Project Management: - Develop detailed project plans that outline the scope, objectives, timelines, and resource allocation for cybersecurity projects. - Allocate and manage resources effectively to ensure the successful completion of cybersecurity projects. - Communicate regularly with stakeholders, including senior management, to provide updates on project status and any security issues. - Provide security awareness training to project team members to ensure they understand and adhere to cybersecurity best practices.

✨公司穩健 ✨一日工時為7.5小時，工作與生活平衡 ✨提供免費接駁車定點接送，通勤更便利 ✨不定期舉辦多元的員工活動 ✨升遷制度透明 【風管系統管理人員】 －風險管理系統(含相關資料庫)評估、導入及維運 －風險儀表板開發及產出 －協助風險管理模型開發與維護 －完成主管交辦專案事項 【作業風險相關人員】 －負責作業風險之辨識、評估與監控相關事務，如關鍵風險指標(KRI)、風險與控制自評(RCSA)等作業 －彙整風險相關資料並提出管理報告 －協助第一道防線執行風險管理業務 －執行專案及主管交辦事項 ➷上班地點：台北市內湖區 【工作時間】 - 8:45~17:30 - 週休六日，見紅休 《應徵條件》 ✔專科以上畢業，財金/精算or商學相關科系佳 ✔具壽險相關 (如核保、理賠等)、風險管理、稽核等經驗 加分 ✔良好的溝通協調、邏輯分析能力、細心 Senior Consultant｜Sharon 葉小姐 [email protected] -------------------------------------------------------- ▲Linkedin：https://www.linkedin.com/in/sharon-yeh-9108b9247 ★歡迎加入臉書∣ Adecco · 金融產業資訊共享平台 ∣★ https://www.facebook.com/groups/adecco.bis/?ref=bookmarks 社群將提供更多就業機會/產業知識/重要資訊給您！

日期：2025/11/8（星期六） 時間：14:00~17:00 地點：台中 林酒店 當天將有專人指引 報名方式：請直接投遞104本職務連結 報名成功，會由招募團隊專人聯絡。 這場職涯分享交流會，帶你解鎖外商行銷工作全新模式！ 由保誠招募團隊暢談外商福利、薪資制度， 邀請知名藝人 【黃豪平】現場分享人生故事， 再由保誠學長、學姐，現場經驗對談。 歡迎對 #外商 #職涯 有興趣的新鮮人、二度就業、轉職的你來參加！ 一起與誠同行，為你的職涯創造無限價值！ 時間11/8(六) 13:40 開放入場 | 14:00正式開始 歡迎保險/保經/銀行 同業洽詢工作內容

The Cyebr Security Expert will be responsible for the day-to-day operation of our Taiwan laboratory and provide technical support to regional cyber labs. Working in partnership with SGS clients in Taiwan and Asia-Pacific, you will provide a best-in-class commercial cybersecurity testing, inspection and certification service and solution offering that focuses on device, infrastructure and cloud security. 【Key Responsibilities】 • Cybersecurity Assessment – Conduct assessments, gap analysis, and testing for Industrial Control Systems (ICS/OT) based on the IEC 62443 series standards. • Compliance Assessment – Support clients in establishing OT cybersecurity management systems, perform assessments, and verify compliance with international standards and local regulations. • Compliance Solutions – Provide recommendations to strengthen ICS/OT environments, covering areas such as vulnerability remediation, risk management, product security, and supply chain security. • Project Management & Client Engagement – Independently or collaboratively manage projects, including planning, executing assessment, drafting reports, and delivering professional advice to clients. • Training & Knowledge Sharing – Conduct cybersecurity training sessions, workshops, and internal knowledge-sharing to enhance both client and team capabilities. 【What We Offer】 • Opportunity to work in a global organization with cross-border cybersecurity projects and experts. • Exposure to real-world cybersecurity use cases across industries. • Career development and growth.

At HSBC, our purpose is opening up a world of opportunity and by joining our team, you can be part of something bigger. We are committed to removing barriers and ensuring careers at HSBC are inclusive and accessible. International Wealth and Premier Banking (IWPB) provides a leading premium proposition through Premier Banking and, together with our Global Private Bank, are present across the world’s most important markets, booking centres, and corridors most valued by our clients. Our wealth offering is further enhanced through our best-in-class manufacturing capabilities in Asset Management and Insurance. HSBC Asset Management, the investment management business of the HSBC Group, invests on behalf of HSBC’s worldwide customer base of retail and private clients, intermediaries, corporates and institutions through both segregated accounts and pooled funds. HSBC Asset Management connects HSBC’s clients with investment opportunities around the world through an international network of offices in 23 countries and territories, delivering global capabilities with local market insight. People responsibility: N Report to: VP, Investment Support Lead Job Contents: - 報表彙整與管理 - 熟悉財金相關系統操作如Bloomberg, CMoney等 - 熟悉投信法規 - 擅長跨部門協調溝通 - 具備財金投資相關專業知識

【職位概述】 為了能用金融創造更多的美好，為了能給所有的客戶提供最美好的金融體驗而使客戶夥伴們的生活更為美好，我們需要成為全球最頂尖的金融科技公司。 為了成為全球最頂尖的金融科技公司，我們需要能夠支持創新的稽核團隊，渴望創新，願意投入大量時間與精力去理解及支持創新。 稽核團隊為公司治理和風險管理的第三道防線，獨立評估美好投顧各單位內部控制的充分性與有效性，致力於提升公司整體內部控制環境，同時參與創新過程中各項專案的執行、潛在機會的計畫/提案、以及科技和業務領域的推進等。稽核主管在創新的過程中，作為公司內部可信賴的顧問和合作夥伴，即時提供確認和建議，並藉由不斷地拓展我們的視界，持續重新想像美好證券的系統、流程及實務作業。 【工作職責】 ・落實各項內控作業例行查核。 ・充分掌握營運流程及細節，於創新過程中辨識風險。 ・就外部法規及內部規範，提供內部控制諮詢和建議。 ・內部稽核查核計畫之擬定、執行，和稽核報告之撰寫。 ・外部檢查機關陪檢(含跨單位溝通協調)及改善事項追蹤複查作業。 ・稽核相關政策及查核程式之修訂(包含風險基礎評估方法論及稽核工具的研發建置)。 ・參與公司重要專案及針對管理層所訂定的政策、辦法、規章及作業流程等，提供內部控制及風險管理諮詢建議。 【你會收穫】 美好投顧在創新的過程中，非常注重公司治理和風險管理，所有單位共同發揮各自應有的作用，一同為了能給所有的客戶提供最美好的金融體驗相互配合，因此稽核主管與各業務線管理層皆建立緊密但獨立的合作關係，加入美好投顧稽核團隊，我們做的不僅是事後稽核，更能對事前防範做出貢獻，並且深入了解金融產業，從創新想法的發起、思考、計畫到真實實踐，一路協同參與以確保公司目標的達成。 【任職要求】 ・具備投信投顧業務員證照且二年以上金融業相關工作經驗、證券商高級業務員證照且三年以上金融業相關工作經驗或經教育部承認之國內外大學以上學校畢業或具有同等學歷，擔任證券、期貨機構或信託業之業務人員四年以上。 ・曾任職證券投資業，另有會計師事務所審計經驗為佳。 ・享受創新及挑戰、具備邏輯分析思考能力、善於看見及解決問題。 ・能架構撰寫有意義的書面報告，具備良好的溝通能力(包括口語及書面)。 ・有獨立作業的能力也能團隊合作。

• 制定和實施集團全面資訊安全策略與計劃。 • 評估潛在的安全風險，並制定相應緩解措施。 • 與IT團隊合作，確保安全措施得到有效執行。 • 定期進行安全審計和風險評估 • 為集團全體員工提供資訊安全培訓和意識提升。 • 監控安全基礎設施，確保系統和數據的安全。 I. Program Management 1. ISMS/Trade Secret Implementation and Maintenance 2. 配合事業單位建置資訊安全專案 3. 跨部門資訊安全事務之協調 4. 進行電腦鑑識與法律配合行動 II. Maintenance and Management of Information Security Solutions and Equipment 1. Security Monitoring 2. Event & Incident Management III. Risk assessment and management IV. Security Audit 1. 執行內部安全查核，包含制度管理定期查核、IT環境安全評估、專案查核等 2. 配合客戶要求查核及執行委外安全查核

• 明確定義各項數位平台之商業需求及資料需求，並將其文件化產出需求分析規格書 • 依API 的設計架構提供明確的測試概念及想法產出進行測試策略及測試案例文件 • 處理各式數位平台維護之系統需求分析，產出系統開發的需求規格書 • 依專案任務及系統需求進行相關開發與測試作業 • 執行與推動分析型專案的進行，有效組織/配合團隊合作完成專案分析任務 ***熟稔下列相關業務或系統建置經驗者為佳*** • 以信託方式銷售的內外部機構發行各類境內外投資商品 (MF、ETF、股票、Bond、組合式商品) • 金錢信託、有價證券信託(借券/還券)、不動產信託、保險金信託 、遺囑信託、公益信託 、員工福儲信託、票券預收款信託、電子票證儲存金信託 、交易中介信託、信託稅務、信託會計 • 台灣銀行黃金存摺系統建置經驗或黃金作業流程 • 保本/不保本SI：結合「 定期存款 」及「 衍生性金融商品 」、FX Swap SI：由「外幣定存」+「外幣換匯(Swap)」+「外幣遠期合約(Forward)」組成、金融債、雙元貨幣組合式產品(DCI)：連結「外幣定存」與「外幣選擇權」

一、即時風險監控系統之規劃及建置事項 二、建立與執行各項風險量化及質化管理機制 三、監控風險管理執行情形 四、製作風險管理分析報告 五、協助風險管理評鑑及主管機關查核工作 六、其他主管交辦事項

The IT Specialist, Support & Service is responsible for: • Managing the IT Service Desk function for HUGO BOSS Taiwan. • Providing timely and appropriate IT support for IT issues to HUGO BOSS Taiwan. • Effective and timely management of IT projects and key IT initiatives • The management of IT equipment in retail and office environment for HUGO BOSS Taiwan • Setup, configuration, monitoring and troubleshooting of end-user relevant IT equipment in office and retail environment. • Preparation of IT guidelines and manuals for end-user. • User Account management (User Administration & New User Authorizations). The role is accountable for managing the IT department. This is achieved by: • Delivering the IT business plan for HUGO BOSS Taiwan. • Ensuring the service desk for HUGO BOSS Taiwan, is managed in line with the IT Service Level Agreement (SLA). • Ensuring the service desk for HUGO BOSS Taiwan, is managed in line with IT Security & Data Protection policies. • Monitoring IT systems, server & network infrastructure and escalation of incident cases following Global IT Service Desk procedures and processes. • Providing relevant and effective coaching and training of IT processes & systems (hardware use / systems use etc) to stakeholders. • Revising, devising and executing IT policy and procedure. • Exceptional time management and organisational skills. • Clear communication with all departments within the company. • Building and maintaining relationships with internal and external stakeholders. • Participate and coordinate, regularly tasks, activities and feedback sessions, with Headquarter Germany and Share Service Center Hong Kong IT teams, work as a virtual team member of APAC IT team. This support role includes, but is not limited to maintaining the day to day IT requirements for the business and end to end IT project management.

1.內部稽核(證券經紀業務)查核計畫之執行、稽核報告之撰寫及檢查意見改善辦理情形之持續追蹤。 2.外部檢查機關陪檢(含跨單位溝通協調)及改善事項追蹤覆查作業。 3.內部稽核查核題庫之增修訂。 4.參與管理階層重要專案及會簽會辦管理階層所訂政策、辦法、規章及其他公文，提供內部控制及風險管理諮詢建議。

1.規劃執行各項稽核業務。 2.協調辦理各項外部查核相關工作。 3.其他內控或管理營運等業務。

<Job Description> 1. Performing various CFs runs using RAFM model. 2. Preparing NBV/NBM results/templates/slides under IFRS17 regime. 3. Perform scenario testing and analysis. 4. Producing RoRC/CIR and its commentary. 5. Working with Pricing, Risk Management, FMA and various channels whenever required. 6. Ad hoc tasks from CFO or regional office. <Characteristics of the job> - Being able to analyze and comment on the movement, provide insightful inputs for helping business steering. - Ambitious with strong analytical skills, good communication, teamwork orientation, involvement with non-Finance/Actuarial functions, and being able to perform under time pressure

【工作內容】 1.依據企業可能風險進行評估(如財務、營運、品質、資安與智財風險..)，擬定並執行年度稽核計畫 2.撰寫稽核報告，追蹤缺失改善與成效驗證 3.督導內控制度運作、自評與內控聲明書編製 4.配合主管機關與外部稽核作業 5.建立風險預警與通報制度 6.協助跨部門制度落實，推動公司治理文化 7. 其他主管交辦專案工作 【必要條件】 須具備擔任上市公司稽核主管法定資格 具備獨立向董事會、審計委員會呈報查核報告之實務經驗 熟悉內控制度、公司法、證券交易法、資安／個資法等相關法規 品行端正、無誠信瑕疵，具稽核獨立性與專業判斷力 【加分條件】 具 CIA／CISA／CPA／資安證照 熟悉 ISO 9001／14001／27001 或智財資產保護制度 曾參與跨部門稽核、專案治理、ESG 或供應商稽核

【中租亞太 MA｜海外財會儲備幹部】 Be the MAster of your life｜打造你的國際財會職涯 想挑戰海外工作？想在跨國企業中累積財會與管理經驗？加入中租亞太 MA 計畫，開啟你的國際職涯！ 【完整培訓 × 國際派外 × 海外管理職】 1. 兩至三年台灣總部財會訓練 2. 派外後擔任海外管理職，挑戰多元任務 3. 強大後勤支援 × 團隊合作文化 4. 明確升遷路徑 × ASEAN 國際視野 【你將獲得】 1.紮實培訓：國際化與在地化兼具的專業養成 2.優渥薪資：具競爭力的薪酬制度，快速累積財富 3.海外歷練：明確派外規劃，成為海外獨當一面財會主管 財會MA IG文章介紹：https://reurl.cc/vLr2D1

集團資訊安全稽核制度規劃與建置 資安風險監控與分析 資安制度的審查與調整建議 依照公司之政策或目標，訂定稽核工作計畫，並且實施 稽核專案任務執行 資安系統協辦評估導入 主管交辦事項

Please submit your application via Career Website(https://www.kkcompany.com/en-us/career-2/). KKCompany Technologies Group is a leading technology group in software services. We have created the world’s first legal music streaming platform, KKBOX, and are an international software technology group focused on “multimedia technologies, digital cloud, and AI applications” as our core business to create value for the customers. The group consists of self-owned brands including KKBOX, BlendVision, and Going Cloud with enterprise customers across Asia. KKCompany Technologies has attained OpenChain ISO/IEC 5230 and ISO 27001 third-party international certification. We have over 500 employees across offices in Tokyo, Singapore, Taipei, Kaohsiung, and Hong Kong. For more information please visit our website: www.kkcompany.com and blog: blog.kkcompany.com Senior Information Security Specialist: We are looking for an experienced Information Security Specialist who can operate independently and keep KKCompany’s rapidly scaling business aligned with ISO/IEC 27001, ISO/IEC 27701, and other relevant security and privacy requirements. You will drive internal audits, policy development, and security-awareness initiatives while collaborating with colleagues across product, operations, and compliance to embed a security-first mindset as the company grows. If you want a role that blends strategic impact with hands-on ownership of security and privacy, you’ll feel right at home here. Responsibilities: - Lead internal audits against ISO 27000-series standards, track remediation, and manage external audit schedules and evidence. - Develop, update, and enforce information security and privacy policies, procedures, and records to meet regulatory and standard requirements. - Monitor developments in security and privacy regulations (e.g., PDPA) and advise on control adjustments. - Conduct annual risk assessments, maintain the risk register, and coordinate mitigation actions across teams. - Design and deliver security and privacy awareness training and campaigns to raise organization wide security awareness. - Collaborate with engineering, cloud operations, legal, and external consultants to ensure controls remain effective and aligned with business needs. Requirements: - ISO/IEC 27001:2022 Lead Auditor certification, or equivalent direct audit experience. - Minimum 2 years of experience in information security management or security audit roles, with proven experience leading ISO 27001 internal audits. - Practical skills in drafting and maintaining security and privacy policies and procedures aligned with recognized standards. - Familiarity with risk assessment methodologies and experience maintaining a risk register. - Ability to design and deliver security awareness materials or training sessions for non-technical audiences. - Comfortable reading English standards and regulations and producing concise written documents; basic spoken English for discussions when required. - Strong interpersonal and coordination skills to work with colleagues from different functions and with external advisors. - Familiarity with project or issue tracking tools such as GitLab or Jira, and basic project management practices. Nice to Have: - Background in technology, software, or cloud service companies. - Additional certifications such as CEH, CISA, CISM, CIPM, or ISO/IEC 27701 Lead Auditor certification. - Excellent presentation, training, or cross cultural collaboration experience. - Demonstrated proactivity and problem solving skills, with the ability to influence multiple teams on security matters.