Brilliant opportunity as Deputy Executive Manager - IAM in an ever growing and international cyber security team, with a good security budget and exciting projects to be a part off.
- Lead the development of a single Identity & Access Management service capability based on the principles of the company IAM Strategy.
- Act as the IT&S IAM lead representative in areas requiring IAM system and process expertise when liaising with internal and external stakeholders.
- Provide both team/thought leadership and guidance to members of the IAM team.
- Review, assess and align existing IAM capabilities and resources to provide a single "one-stop-shop".
- Participate and influence the review, enhancement and selection of IAM related technologies and controls used Company wide.
- Communicate the Company IAM security policy and defined operating model across the lines of business to ensure system integration requirements and expectations are understood.
- Set and support the continuous enhancement of metrics for area of IAM expertise/specialty regularly used for MI (Management Information) reporting, such as KPIs and KRIs.
- Mentor and help develop team members to ensure a robust process, skillset and overall professional capability is established and further promoted.
- Work in tandem with other Information Security (IS) and IT&S teams in driving a consistent and achievable cybersecurity strategy across the Company.
- Participate and contribute positively to create a diverse and inclusive culture with trust and respect. Play an active role to support cross team/division/department efforts and model collaborative behaviours.
You should have:
- University degree or above in IT, Management Information System or cybersecurity.
- Minimum 15 years work experience in technical IT roles, with at least 5 years hands-on experience in enterprise identity and access management system, single sign on authentication, and security infrastructure.
- Strong presentation skill to broad audience and senior management.
- Self-motivated, solid organisational, problem solving and analytical skills with the ability to work under pressure and set right priorities to deliver results on time.
- Ability to build relationship with stakeholders and facilitate effective discussions with people at all levels.
- Experience with security reverse proxy, federation gateway, policy and session server, workflow engine system and LDAP and Active Directory.
- Experience performing identity access analysis with Security Data Analytic technology on SIEM, especially Splunk and/or ELK.
- Experience in multi-factor authentication, secure adaptive and contextual control for strong authentication on account and device identity.
- Strong understanding of networking protocols, operating systems and cyber security concepts and technologies.
- Experience in privileged account management and user account and access review recertification champion and adoption of security standards and practices to business stakeholders.
- Industry-recognised certification in information security or equivalent experience (e.g. CISA, CISM, CISSP).
- The Department
- The Information Security Department of the Information Technology and Sustainability Division works to protect the reputation and enhance operational resiliency of the Hong Kong Jockey Club by ensuring the availability, integrity, and confidentiality of the Club's communications and network infrastructure, application systems and data.