Responsibilities:
- Conduct periodic risk and control assessments from technology risk perspective.
- Establish and implement remediation security controls based on IT initiatives on technology risk perspective.
- Lead and manage external parties to perform information security assessment including but not limited to; vulnerability scanning, penetration test, technical security assessment and etc.
- Manage and oversight outsourced Security Operation Center, incident response team and correlate with other teams to perform cybersecurity incident response and investigation.
- Conduct and perform periodic review and technical assessment when needed including phishing attack simulation, penetration test, vulnerability scanning and
Requirements:
- Certified in professional certifications, e.g.: CISSP, GSEC, GPEN, OSCP, CRISC, CISM,
- 8+ years' working experience in InfoSec/Cybersecurity/TRM/
- Knowledge with SFC requirements on Technology Risk
- With knowledge from Cybersecurity perspective on IT infrastructure, network security, Cloud, Application/Web security
- Able to communicate in Chinese & English
![](https://counter.adcourier.com/TWFybm8uTWV5ZXIuMTU5MzkuMTEwODZAb2xpdmVyamFtZXNhc3NvY2lhdGVzLmFwbGl0cmFrLmNvbQ.gif)