Company Description: A leading financial services group in Hong Kong providing a comprehensive range of commercial banking, personal banking, wealth management, and investment services.
Location: Kwun Tong
Nature: Renewable Contract (1 year)
• Lead cybersecurity management efforts by establishing robust security standards and conducting deep technical evaluations.
• Formulate, validate, and deploy cybersecurity systems while proactively identifying and mitigating cloud and infrastructure security risks.
• Provide expert technical guidance to infrastructure and systems teams to enforce effective security controls across the organization.
• Deploy, migrate, and maintain advanced cybersecurity solutions, focusing heavily on endpoint security, network security, and hands-on tool implementation.
• Monitor the enterprise environment to detect malicious activities and coordinate end-to-end incident response operations.
• Serve as the central security reference point to offer strategic advice and support to various technical and business units.
• Partner with risk management units, technical support teams, and stakeholders to deliver comprehensive security solutions.
• Conduct rigorous security testing and assessments, including C-RAF and iCAST, against established standard procedures and regulatory guidelines.
• Perform detailed third-party risk assessments and site visits to identify and mitigate risks associated with external vendors.
• Analyze existing technical structures, identify compliance gaps, and prepare comprehensive reports highlighting areas for enhancement.
• Assist senior management in tracking financial statistics and collecting data on cybersecurity expenses.
• Guide and train junior cybersecurity team members to foster technical skill development and enhance delivery capabilities.
• University graduate, preferably with a major in Computer Science, Information Technology, or a related discipline.
• Possess over 10 years of professional experience in the cybersecurity sector, with a strong emphasis on technical operations or engineering.
• At least 5 years of hands-on experience in first-line cybersecurity management, technology risk management, or technology audit.
• Minimum of 3 years of experience in a team leadership or management role, with strong staff management and coaching skills.
• Solid technical background with a deep understanding of security technologies, infrastructure controls, and industry best practices.
• Proven expertise in configuring, tuning, and implementing cybersecurity protection and detection tools.
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or equivalent professional certifications.
• Demonstrated proficiency in project management, planning, and organizing tasks based on urgency and importance.
• Strong problem-solving and analytical skills to systematically identify root causes and creatively generate countermeasures.
• Excellent communication and negotiation skills to articulate complex technical concepts and collaborate effectively with diverse teams.
• Good command of spoken and written English and Chinese; fluency in Mandarin is highly preferable.
