SENIOR IT SECURITY MANAGER (CYBER RISK & ASSURANCE)

Grey Anderson Limited

Hong Kong

8-10 Years

This job is no longer accepting applications

Posted 36 months ago

Job Description

Job Description :

Responsibilities:

Support and drive security management's directives in priority
Enhance current practices to mitigate cyber risks and the establishment of a risk framework
Align risk appetite and fine-tune processes necessary within the business
Support and conduct security compliance and governance exercise and awareness refresh programme
Follow and execute risk management practices with Risk Registers, Issue Management, Risk & Controls Library, Impact Thresholds, Risk Reporting, Controls Testing, and Security Governance
Assess risks based on policy, standards, technology compliance requirements and best practices IT and business projects and activities
Ensure security measures properly adopted for risk mitigation
Risk exception and acceptance must be well governed, timely validated and properly escalated
Prepare reporting to senior management on the current security posture
Contribute to third-party risk management and well engage with and manage audit activities
Participate and contribute positively to create a diverse and inclusive culture with trust and respect. Play an active role to support cross team/division/department efforts and model collaborative behaviours

Requirements:

University degree or above in IT, Management Information System, cybersecurity and/or risk compliance
At least 8-10 years of experience in IT technical roles and audit, 3 years of hand-on in technology risk assessment and security compliance aspects
CISA, CISSP, CRISC or equivalent is preferable
Knowledge of ISMS, ISO27000, ISO31000 and other major information security frameworks/Practices e.g. NIST, COBIT etc.
Strong knowledge of Audit control framework, IT general controls, Cybersecurity Risk, Tech Risk (including infrastructure, cloud and applications security)
IT background with operations, enterprise networking, operating systems and database security risk controls
Sound skill across: DevSecOps, cloud security, PII, GDPR, and Cyber security laws in China
High problem solving, risk management and analytical skills
Strong interpersonal, management, negotiation and presentation skill
Experience in adopting risk-based assessment methodologies and engaging audit counter-parts
Experience in performing risk assessment and evaluation
Experience in reporting risk tailored to IT and business stakeholders about most significant risks to the business
Competency consulting background in IT, Cyber Security and/or IT Audit and Control Compliance
Competency interacting with seasoned colleagues on Technology and Cybersecurity Risk, Audit and compliance agenda
Experience in building and promoting risk awareness amongst IT and business staff by providing support and training within the company
Effectively manage multiple priorities, work independently and in a team-oriented and collaborative environment
An aptitude for technical writing e.g. assessment reports, presentations, management dashboard and risk indicators/metrics

More Info

Job Type:

Permanent Job

Industry:

Recruitment /Staffing /RPO

Employment Type:

Full time

About Company

Grey Anderson Limited

Grey Anderson is a specialist recruitment consultancy dedicated in Information Technology, Sales & Marketing and General Management. We provide the highest level of professional service to meet your recruitment needs and to achieve your business goal in the ever-changing business environment.

At Grey Anderson, we strive to exceed your expectations at all times with our strong network and expertise in the industries. Whether you are looking for a permanent or contract position, we will always be able to identify the best-suited candidate to add to the success of your business. Our recruitment services cover industries including Information Technology, Telecommunication, Luxury Goods, Consumer Products, FMCG, Media, Supply Chain, Healthcare, Tourism, Property, Financial Services, Professional Services, Consultancy as well as Utilities spreading over across Asia Pacific.
We appreciate not only the business with you, but also the business that you are running. We value not only the long-term partnership with you, but also your relationship with your people. We believe not only in placing the best and brightest talent, but also the opportunities they bring to help you achieve your goals and succeed in the market.

Job ID: 41289107

Jobs by Skill - IT