Back to job search

Group Manager, Security Governance & Compliance

  • Location:

    Hong Kong

  • Sector:

    Technology

  • Job type:

    Permanent

  • Salary:

    Up to HK$85000 per month

  • Contact:

    Marno Meyer

  • Contact email:

    Marno.Meyer@oliverjames.com

  • Job ref:

    JOB-012023-192980_1673921783

  • Published:

    15 dagen geleden

  • Expiry date:

    2023-02-16

This role would, in close partnership with internal and external stakeholders, provide highly skilled security expertise to develop and implement information security policies, and align controls and regulatory compliance requirements across The Group.

Responsibilities:

  • Develop, implement, and update security policies based on designated framework, emerging cyber threats, and industry best practices
  • Lead the information security compliance program across Group, and establish appropriate cybersecurity framework
  • Collaborate with operating companies and Group Internal Audit, to track and remediate security risks, and to report security compliance issues through security dashboard
  • Build and implement security awareness program to communicate security policies, and develop information security training plans and awareness activities for Group
  • Lead the creation, procurement, and delivery of awareness deliverables and learning content for Swire Group
  • Manage the creation and procurement of vendor security risk and compliance platform
  • Monitor performance of vendors, and identify and escalate any associated security risks
  • Work with Risk Management to manage cyber insurance program for Group, and ensure a comprehensive coverage of cyber insurance policy

Requirements:

  • Bachelor's degree in Information Security Management, Computer Science and Technology, Network and Telecommunication, and Information Systems Management
  • 10+ years of cybersecurity working experience, with at least 3 years in security governance and compliance
  • Proven track record in developing security policies, and leading audit and compliance program
  • Sound experience in vendor management, and security awareness training delivery
  • Strong understanding about security framework, such as NIST CSF, ISO 27001/2/5, CIS
  • Attainment of certificates, e.g., CISSP, CRISC, CISA, CISM, would be preferred
  • Excellent communication skills in both written and spoken English and Chinese. Fluent Putonghua is desirable

Image 2020 11 03 T18 19 45

The latest OJ Webinar

Are you looking to relocate?