工作描述
7 天前
Position Description
This role of Data and Cyber Security Governance Lead, IT Security based out Hong Kong, will
report directly to the Head of Information Security, and to lead and manage data and
cybersecurity governance initiatives & projects.
Key Areas of Responsibilities
• Revise CSI’s cyber security and data security framework, policies, standards, and procedures for cybersecurity and data handling
• Establish, implement, and enforce a comprehensive governance framework thataligns with CSI’s policies defining data management, data lifecycle, data protection and data leakage protection
• Ensure CSI’s infrastructure, systems and applications adhere to laws, regulations and best industry standards (e.g., GDPR, MAS, ISO 27001, NIST, Data Protection laws in China)
• Maintain audit readiness and respond to compliance assessments, audit inquiries, client questionnaires, and regulator’s requests
• Identify, assess, and prioritize cyber risks to the organization. Build an effective cybersecurity and data management framework and deploy it
• Establish governance to CSI’ vulnerability management program with Application and Platform teams
• Provide regular reports and dashboards on cybersecurity governance and compliance status
• Ensure full compliance to all company policies, required training and regulatory requirements
• Establish a cloud governance framework to manage CSI’s multi cloud strategy involving AWS, Azure, and Alibaba Cloud
• Assist to manage IT security portfolio at CSI
Requirements
• Bachelor’s degree or above in computer science, engineering or related domain discipline
• Minimum 15 years of relevant experience in IT, cyber, and data security
• Ability in manage IT projects and stakeholders of IT projects
• understanding of / Demonstrating familiarity with Cyber Security topics – Firewalls, WAF, Application security, Cloud security, web gateway, endpoint protection, SIEM, threat hunting, identity access management, application whitelisting, O365, data leakage protection, network security, email security, etc.
• Strong interpersonal / organizational / problem-solving / project management / client serving / multi-tasking skills
• Able to work independently / attention to details / result-driven/ self-motivated / self-starter / proactive mindset / enthusiastic/ a team player
• Strong leadership skills
• Able to drive projects involving multiple teams and knowledge domains
• Excellent command of / fluent in both spoken and written (English and Chinese (Putonghua is a must))
• Certification – Highly desirable — CISSP, CISM, CISP, ISO 27001 Lead Implementer/Auditor
This role of Data and Cyber Security Governance Lead, IT Security based out Hong Kong, will
report directly to the Head of Information Security, and to lead and manage data and
cybersecurity governance initiatives & projects.
Key Areas of Responsibilities
• Revise CSI’s cyber security and data security framework, policies, standards, and procedures for cybersecurity and data handling
• Establish, implement, and enforce a comprehensive governance framework thataligns with CSI’s policies defining data management, data lifecycle, data protection and data leakage protection
• Ensure CSI’s infrastructure, systems and applications adhere to laws, regulations and best industry standards (e.g., GDPR, MAS, ISO 27001, NIST, Data Protection laws in China)
• Maintain audit readiness and respond to compliance assessments, audit inquiries, client questionnaires, and regulator’s requests
• Identify, assess, and prioritize cyber risks to the organization. Build an effective cybersecurity and data management framework and deploy it
• Establish governance to CSI’ vulnerability management program with Application and Platform teams
• Provide regular reports and dashboards on cybersecurity governance and compliance status
• Ensure full compliance to all company policies, required training and regulatory requirements
• Establish a cloud governance framework to manage CSI’s multi cloud strategy involving AWS, Azure, and Alibaba Cloud
• Assist to manage IT security portfolio at CSI
Requirements
• Bachelor’s degree or above in computer science, engineering or related domain discipline
• Minimum 15 years of relevant experience in IT, cyber, and data security
• Ability in manage IT projects and stakeholders of IT projects
• understanding of / Demonstrating familiarity with Cyber Security topics – Firewalls, WAF, Application security, Cloud security, web gateway, endpoint protection, SIEM, threat hunting, identity access management, application whitelisting, O365, data leakage protection, network security, email security, etc.
• Strong interpersonal / organizational / problem-solving / project management / client serving / multi-tasking skills
• Able to work independently / attention to details / result-driven/ self-motivated / self-starter / proactive mindset / enthusiastic/ a team player
• Strong leadership skills
• Able to drive projects involving multiple teams and knowledge domains
• Excellent command of / fluent in both spoken and written (English and Chinese (Putonghua is a must))
• Certification – Highly desirable — CISSP, CISM, CISP, ISO 27001 Lead Implementer/Auditor
更多相似工作
Senior Information Security Risk & Incident Leader
Guotai Junan International Holdings Limited
中西區, 香港
🎉 Got an interview?
