Cyber Security Manager

• Ensure all IT practices align with local cybersecurity regulations and internal cybersecurity standards for both banking and insurance sectors
• Streamline the assessment process, monitor outstanding issues, and lead or facilitate remediation efforts
• Provide expertise, consultancy, and support as the Subject Matter Expert in Cybersecurity to various business units/functions to identify risks and determine the necessary IT security controls
• Perform thorough security assessments and reviews focused on cloud security, third-party security, and application security, and provide actionable recommendations for security controls to address identified cybersecurity risks
• Support projects involving emerging technologies, including Artificial Intelligence (AI) and Distributed Ledger Technology (DLT), by assessing associated cybersecurity risks and recommending appropriate security controls
• Conduct IT and application risk assessments and provide design consultancy for software delivery
• Monitor security incidents and coordinate incident response activities, including investigation, containment, eradication, and lessons learned
• Stay abreast of the latest cybersecurity threat landscape and evaluate potential impacts on the bank
• Deliver security awareness training to internal staff as well as third parties

• Bachelor’s degree in computer science or a related discipline
• Proven experience in IT security and risk management
• Solid experience in cybersecurity controls, and IT risk management frameworks
• Strong understandings of all IT and cybersecurity domains
• Strong knowledge of banking and insurance regulations and guidelines related to cybersecurity and technology risk management, including Fintech
• Strong self-motivation, with good leadership, communication, interpersonal and analytical skills
• Great sense of ownership and a customer-centric mindset
• Excellent command of both spoken and written English and Chinese
• Professional qualifications such as CISM, CISA, CISSP and CEH are preferred
• Experienced in performing security risk assessment and audits based on industry standards
• Familiar with ISO 27001 Information Security Management Systems (ISMS)

Mandarin is an advantage

• Dynamic working environment
• Good career development opportunities
• Competitive compensation packages