Technical Manager, IT Risk and Controls

The Hong Kong Jockey Club

Founded in 1884, The Hong Kong Jockey Club (“the Club”) is a world-class racing club that acts continuously for the betterment of our society. The Club has a unique integrated business model, comprising racing and racecourse entertainment, a membership club, responsible sports wagering and lottery, and charities and community contribution. Through this model, the Club generates economic and social value for the community and supports the HKSAR Government in combatting illegal gambling.

Who are we?

We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen.

Our team is a diverse mix of individuals from various backgrounds, from all across the world. We embrace our humanity, recognizing that each of us brings unique strengths and perspectives. This diversity not only enriches our work environment but also drives our innovation and creativity as we strive to achieve our collective goals.

What do we do?

We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.

We also deliver the changes necessary to drive business growth through new products and services. And, we are committed to safeguarding the Club by protecting it from external threats, providing a secure and resilient technological environment.

The Department

The objectives of the IT Risk & Controls Department are to establish and maintain a robust risk management methodology that effectively identifies, assesses, and mitigates risks related to IT processes and technology. The department ensures that the Club’s IT risk posture is accurately reported and that operations remain within the defined risk appetite, thereby enhancing operational integrity and resilience. By aligning its risk management approach with the Enterprise Risk Management Framework and the Technology Risk Management Framework, and by working closely with business units, the department promotes accountability and transparency across both IT and business functions.

The Job

• Continuously working with ITD Stakeholders to assess and record risks and issues and support their closure
• Supporting the ITRC Team in recording the remediation effort and status of identified control deficiencies, reporting updates on the control assessment result and dashboard on control effectiveness and progress of improvement program
• Assist with ITD Control Self Assessments (CSAs) – working with ITD Stakeholders and wider ITRC team
• Generate comprehensive views of the Risk Profile for ITD
• Support the ITRC Team to engage 2LoD (2 Line of Defence) Stakeholders proactively to enhance the ITRC Service Catalogue, ITD Risk and Controls Posture and Governance Activities
• Supporting the ITRC Team in Governance, assurance and risk advisory activities across the ITD
• Review IT Risk treatment plans
• Provide risk briefings and develop artefacts to support governance
• Perform Root cause analysis of material incidents
• Support and recommend process and controls uplift for ITD
• Assess control deficiencies which could lead to incidents and record accordingly

About You

• Bachelor’s Degree (preferred) in Computer Science, Information Security, Operational Risk Management, etc 
• Professional risk management certification (e.g., CISM, CRISC, CISSP, ITIL) and /or industry body affiliation is an advantage
• Proven track record in implementing and administering an IT Risk Register
• Understands the Club’s unique culture and approach to risk management
• Skilled in assessing and quantifying technology and operational risks, evaluating mitigation measures, and offering practical recommendations
• Knows industry best practices and trends in IT standards, governance, risk, and internal control
• Experienced in Agile ways of working (Kanban, Scrum)
• Hands‑on with GRC tools and SDLC (Software Development Lifecycle) collaboration tools (e.g., JIRA, Confluence)
• Maintains GRC tools and supports risk dashboard generation
• Strong grasp of business and product context, including strategies, priorities, risks, and controls within their functional area
• Technically astute with strong analytical and decision‑making ability
• Excellent communication and report‑writing skills in English
• Strong communication, relationship management, and professional ethics
• Manages multiple tasks under pressure and with competing priorities
• Proactive and self‑initiating

Apply Now!

We offer competitive salary and benefits packages, a dynamic working environment and development opportunities.

Add horsepower to your career today. Click the “Apply Now” button to create an account and submit your application.

Equal Opportunity and Inclusive Hiring

We are an equal opportunity employer and strive to create an inclusive workplace for all. Applicants from diverse backgrounds are welcomed to apply. If you have any special needs or require accommodations during the interview process, please e-mail us via careers@hkjc.org.hk. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and job applicants relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.