Job Description
47 days ago
The Job
• Monitor internal/ external compliance reviews activities and follow up on deficiencies identified and ensure remediation steps have been taken
• Perform control and vulnerability assessments, assist in compliance monitoring reviews to identify control weaknesses, recommend remedial actions
• Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance cases if any
• Provide an advisory role to business units and IT groups to assess security requirements and control; enforce security control policies as planned
• Assist in development of security architecture, policies, standards and related processes
• Resolve negative audit findings reported by internal and external audits by working with the IT action owners and tracking the remediation progress
• Develop and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment
• Research and assess new threats and security alerts, and provide recommendations on solutions
• Assist to build/ monitor the IT security architecture for the Company infrastructure and business application environment
• Promote IT risk awareness to business units
The Person
• Degree holder in IT, Computer Science or related disciplines
• Minimum 8 years’ experience in IT industries with at least 2 years in security related role
• Solid experience on information security management framework such as ISO 27001, BS7799
• Certification in Information Security disciplines such as CISM, CISA or CISSP preferred
• Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC is an advantage
• Strong project management and execution experience
• Self-motivated and able to work independently
• Good problem solving, analytical, communication and interpersonal skills
• Good command of written and spoken English and Chinese
• Monitor internal/ external compliance reviews activities and follow up on deficiencies identified and ensure remediation steps have been taken
• Perform control and vulnerability assessments, assist in compliance monitoring reviews to identify control weaknesses, recommend remedial actions
• Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance cases if any
• Provide an advisory role to business units and IT groups to assess security requirements and control; enforce security control policies as planned
• Assist in development of security architecture, policies, standards and related processes
• Resolve negative audit findings reported by internal and external audits by working with the IT action owners and tracking the remediation progress
• Develop and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment
• Research and assess new threats and security alerts, and provide recommendations on solutions
• Assist to build/ monitor the IT security architecture for the Company infrastructure and business application environment
• Promote IT risk awareness to business units
The Person
• Degree holder in IT, Computer Science or related disciplines
• Minimum 8 years’ experience in IT industries with at least 2 years in security related role
• Solid experience on information security management framework such as ISO 27001, BS7799
• Certification in Information Security disciplines such as CISM, CISA or CISSP preferred
• Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC is an advantage
• Strong project management and execution experience
• Self-motivated and able to work independently
• Good problem solving, analytical, communication and interpersonal skills
• Good command of written and spoken English and Chinese
More jobs from hktservice
Account Manager, eLearning Sales
hktservice
Sales & Account Management
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Media Support Specialist
hktservice
IT Support
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Warehouse Operations Manager
hktservice
Business & Management
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Senior Quality Assurance Officer
hktservice
IT Support
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
IT Infrastructure Systems Administrator
hktservice
Networking & System Administration
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
IT Business Analyst Lead
hktservice
Business & Management
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
More jobs like this
Manager, Cybersecurity
Haitong International Management Services Company Limited
Central and Western, Hong Kong
Senior / Technology Risk Manager (Cyber Security Control Division)
Bank of China (Hong Kong) Limited
Central and Western, Hong Kong
🎉 Got an interview?