Show more filters
Banner image for HSITP Hong Kong-Shenzhen Innovation and Technology Park
Job Type   /   Job Level
Full-time   /   Senior Executive
Company Location
Hong Kong

Responsibilities:

  • Define and develop IT security strategy, governance and refreshment roadmap with effective resource allocation across vendors and teams
  • Being the leading expert in the field of IT security, providing professional advice to the Division and the Company
  • Manage the team to co-ordinate with users of the Company on IT security issues and enquiries
  • Lead efforts to identify and prioritize vulnerabilities and threats to develop risk mitigation plans
  • Act as focal point for internal and external audit and regulatory inspection over information security matters
  • Review and approve security design of IT infrastructure & Applications systems for security compliance requirements
  • Manage the security reviews and audits for internal and external stakeholders including but not limited to SRAA, BCP, Drill, PIA, and Compliance gap analysis
  • Explore the cybersecurity solutions and manage vendors to implement or enhance systems, aligning with best practices of security control for protecting the corporate assets related to information
  • Lead information security incident management, including implementation of monitoring tools for security incidents, information security response, post-incident reviews, and improvements
  • Define, review, revise and enforce IT security policies, procedures, and standards to ensure adherence to relevant regulations and compliance of public organization and corporate requirements, including but not limited to DPO framework, policies and guidelines, Protection of Critical Infrastructure (Computer Systems) Ordinance & CoP, The Personal Data (Privacy) Ordinance & CoP, NIST, CIS Controls, ISO/IEC
  • Perform other ad-hoc duties and assignments as required


Requirements:

  • Bachelor’s degree in Cybersecurity, Information Technology or related disciplines
  • Minimum 10 years of working experience with solid track record in IT security, governance, and compliance within sizable organizations, ideally with presence in public organizations or quasi-government organizations, with 5 years managerial roles
  • Practical knowledge in local / global standards / framework, e.g. DPO framework, policies and guidelines, Protection of Critical Infrastructure (Computer Systems) Ordinance & CoP, The Personal Data (Privacy) Ordinance & CoP, ISO 27000 series, NIST, CIS Controls
  • Solid experience in SOC management and cybersecurity solutions
  • Proactive, strong problem-solving skills and ability to work under pressure, strong in communication and inter-personal skills
  • Holder of two of any related professional certifications (e.g. CISM, CISA, CISSP or CRISC), additional CCSP / CISP is the plus
  • Excellent presentation & communication skills and excellent command of verbal & written English and Chinese (both Cantonese & Mandarin)
  • Frequent Travel or Permanent Work in Lok Ma Chau Office is required (Shuttle bus service & MTR concession scheme available)


Company Benefits:

  • Competitive annual leave entitlement
  • MPF Top-up benefit
  • Medical benefits from Day-1 with extended coverage to dependent(s)
  • Dental & Life insurance
  • Training sponsorship
  • Professional membership fee reimbursement


Personal data provided will be treated in strict confidence and used for recruitment purpose only. All personal data collected will be used strictly in accordance with employer’s personal data policies, you can access the Personal Information Collection Statement at https://www.hsitp.org/en/career/page/1

Applicants not invited for interview within four weeks after application deadline may consider their applications unsuccessful. Personal data of unsuccessful applicants will be retained for a maximum of two years.

Jobs in Hong Kong   »   Jobs in Hong Kong, Hong Kong SAR   »   Senior Manager, IT Security

More jobs