Job Highlights
- CISSP, CISA, CRISC, ISO27000
- PMP, PRINCE2
- Cybersecurity
Job Description
Responsibility
– Assist and support IT Security & Risk Lead to plan and implement the IT security strategic plans, cybersecurity and digital/Information Risk Management initiatives;
– Evaluate, design and deploy information security related solutions/services, particularly with regard to cloud initiatives and internal infrastructure and applications;
– Conduct internal / 3rd party risk assessments, vulnerability assessments, penetration tests and data hosting security assessments, as well as promote security awareness and practices for the organization;
– Monitor security risks on an ongoing basis and review IT security policies, standards and procedures for the company;
– Implement local procedures in order to adhere to the relevant local and Group compliance procedures and obtain satisfactory audit and regulators’ review reports;
– Implement processes and solutions to increase and maintain the cybersecurity maturity level with reference to common industry standards;
– Leverage Global/Regional best practices and security solutions;
– Manage project risks & escalate project issues to Supervisor/Head of IT & Functional Business Heads;
Requirement
– 8-10 years of solid experience in Information Security, Cybersecurity, Infrastructure, IT Risk & Compliance and Project Management related areas;
– Financial enterprise IT security/risk experience with exposure across HKMA, IA and PCI security requirements is a plus;
– Experienced in performing security risk assessments and audits based on industry standards and frameworks such as the ISO 27000 series, NIST, COBIT etc.;
– Professional certification in CISSP, CEH, CISA, CRISC, CISM or equivalent;
– Certification in PMP or PRINCE2 is preferred;
– University degree in Computer Science, Information Systems or other technology-related disciplines;
– Fluent in both spoken and written English and Chinese.