Our top tier client is looking for a skilled Risk+ Information Security Managerial candidate to join them as Senior Manager in the Cyber Security team.
This position plays a significant role in supporting management and Director of Information Security("IS") of the company to promote and enhance the maturity of cybersecurity resilience of the organisation.
Permanent, full-time position.
(Daily operation) Information Security Advisory and Assessment:
- Assess and evaluate information security products and solutions
- Advise and assess security control of mission-critical applications and IT infrastructure services
- Facilitate the deployment of strategic information security solutions to address the cyber threat and information security risk exposure
- Ensure the cybersecurity resilience to proactively prevent from business disruption or service outage
- Reduce risk exposure, improve efficiency, and strike balance of data protection
Communications and engagement with key stakeholders such as Head of IT teams and Head of Departments:
- Improve the awareness of the senior management, business users and IT professional on the technology threat the company is facing and more sensitive on protecting customers' interest and privacy
- Promote the importance of the compliance of company standard, and driving thought leadership in this evolving paradigm
- Coordinate ad-hoc cross-functional teams on special projects or strategic initiatives relating to IS
- Communicate with group offices, business partners, corporate clients, IT vendors and external parties on information security matters, as and when needed
- You are required to obtain the relevant license(s) if your job involves regulated activities
Minimum Job Requirements:
- Degree holder in Computer Science, Information Systems, Engineering, Risk Management, or a related discipline
- Minimum of 10 years on IT project management and information security field with experience & proven success in architecting, delivering or assessing cybersecurity and/or cloud security
- Knowledgeable of cloud industry trends for driving thought leadership in this evolving paradigm, and security challenges associated on the cloud journey utilising an "As a Service" model
- Solid knowledge in authentication solutions, like Multi-factor Authentication (MFA), OAuth2, SAML and encryption solutions, like RSA, AES, Azure key vault
- In-depth knowledge in hardening Internet-facing applications with highly confidential information.
- Hand-on experience of various security tools, like Burp Suite, openssl
- Very good understanding and demonstrated use of DevOps tools (e.g. Jenkins, Ansible) with CICD capabilities
- Holder of relevant IT security professional qualification preferred (such as CISA, CISM, CISSP etc.)
- Excellent communication (written and oral) skills, and demonstrable experience as a highly effective facilitator of cross functional teams
- Ability to solve complex problems while effectively communicating technical concepts.
- Ability to learn and apply new technologies quickly
- Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems
NOTE: Open for valid HK Work Visa holder and HK PR only.