I'm working with an Insurance client and looking for an experienced IT Security Manager. Ideally, this candidate comes from a technical hands-on enterprise security background, who has exposure across first and second line of defense.
If this sounds like you, then please apply here or reach me directly.
NOTE: Job open for valid Hong Kong visa/PR holders only.
Main Responsibility
- Assist and support IT Security & Risk Lead to plan and implement the IT security strategic plans, cybersecurity and digital/Information Risk Management initiatives.
- Evaluate, design and deploy of information security related solutions/services, particularly with regard to cloud initiatives and internal infrastructure and applications
- Conduct internal / 3rd party risk assessments, vulnerability assessments, penetration test, data hosting security assessment as well as promote security awareness and practices for the organization
- On-going monitor security risks and review IT security policies, standards procedures for the company
- Implement local procedures in order to adhere to the relevant local and Group compliance procedures and obtain satisfactory audit and regulators' review reports
- Implement process and solution to increase and maintain Cybersecurity maturity level with reference to common industrial standard
- Leverage Global/Regional best practices and security solutions
- Manage project risks & escalate project issues to Supervisor/Head of IT & Functional Business Heads
Qualification and Experience Requirement
- 8-10 years of solid experience in Information Security, Cybersecurity, Infrastructure, IT Risk & Compliance and Project Management related areas
- Financial Enterprise IT security/risk experience with exposure across HKMA, IA and PCI security requirement as a plus
- Experienced in performing security risk assessment and audit based on industry standards and framework in ISO 27000 series, NIST, COBIT etc.
- Professional certification in of CISSP, CEH, CISA, CRISC or CISM equivalent
- Certified in PMP, PRINCE2 is preferred
- University degree in Computer Science, Information Systems or other technology-related disciplines
- Fluent in both spoken and written English and Chinese.