工作描述
47 天前
The Job
• Monitor internal/ external compliance reviews activities and follow up on deficiencies identified and ensure remediation steps have been taken
• Perform control and vulnerability assessments, assist in compliance monitoring reviews to identify control weaknesses, recommend remedial actions
• Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance cases if any
• Provide an advisory role to business units and IT groups to assess security requirements and control; enforce security control policies as planned
• Assist in development of security architecture, policies, standards and related processes
• Resolve negative audit findings reported by internal and external audits by working with the IT action owners and tracking the remediation progress
• Develop and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment
• Research and assess new threats and security alerts, and provide recommendations on solutions
• Assist to build/ monitor the IT security architecture for the Company infrastructure and business application environment
• Promote IT risk awareness to business units
The Person
• Degree holder in IT, Computer Science or related disciplines
• Minimum 8 years’ experience in IT industries with at least 2 years in security related role
• Solid experience on information security management framework such as ISO 27001, BS7799
• Certification in Information Security disciplines such as CISM, CISA or CISSP preferred
• Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC is an advantage
• Strong project management and execution experience
• Self-motivated and able to work independently
• Good problem solving, analytical, communication and interpersonal skills
• Good command of written and spoken English and Chinese
• Monitor internal/ external compliance reviews activities and follow up on deficiencies identified and ensure remediation steps have been taken
• Perform control and vulnerability assessments, assist in compliance monitoring reviews to identify control weaknesses, recommend remedial actions
• Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance cases if any
• Provide an advisory role to business units and IT groups to assess security requirements and control; enforce security control policies as planned
• Assist in development of security architecture, policies, standards and related processes
• Resolve negative audit findings reported by internal and external audits by working with the IT action owners and tracking the remediation progress
• Develop and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment
• Research and assess new threats and security alerts, and provide recommendations on solutions
• Assist to build/ monitor the IT security architecture for the Company infrastructure and business application environment
• Promote IT risk awareness to business units
The Person
• Degree holder in IT, Computer Science or related disciplines
• Minimum 8 years’ experience in IT industries with at least 2 years in security related role
• Solid experience on information security management framework such as ISO 27001, BS7799
• Certification in Information Security disciplines such as CISM, CISA or CISSP preferred
• Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC is an advantage
• Strong project management and execution experience
• Self-motivated and able to work independently
• Good problem solving, analytical, communication and interpersonal skills
• Good command of written and spoken English and Chinese
更多來自 hktservice
Account Manager, eLearning Sales
hktservice
銷售和客戶管理
中西區, 香港
7 天前
全職
辦公室工作
科技、資訊和媒體
Media Support Specialist
hktservice
IT支援
中西區, 香港
7 天前
全職
辦公室工作
科技、資訊和媒體
Warehouse Operations Manager
hktservice
商業管理
中西區, 香港
7 天前
全職
辦公室工作
科技、資訊和媒體
Senior Quality Assurance Officer
hktservice
IT支援
中西區, 香港
7 天前
全職
辦公室工作
科技、資訊和媒體
IT Infrastructure Systems Administrator
hktservice
網絡和系統管理
中西區, 香港
7 天前
全職
辦公室工作
科技、資訊和媒體
IT Business Analyst Lead
hktservice
商業管理
中西區, 香港
7 天前
全職
辦公室工作
科技、資訊和媒體
更多相似工作
Senior / Technology Risk Manager (Cyber Security Control Division)
Bank of China (Hong Kong) Limited
中西區, 香港
🎉 Got an interview?