- Tuen Mun District
- Nov 25, 2022
- HK$51k -60k pm
A historical beverage company based in Hong Kong, expanded into a wider variety of beverages and desserts. Specialises in the operation of the tuck shops in Hong Kong primary and secondary schools
- Manage IT security projects to implement security solutions in accordance with the company security strategy, policy, and risk posture
- Collaborate with internal IT teams to enforce security policies and execute procedures in compliance to security and risk management programs
- Establish and review security policies and guidelines to align with security trend
- Manage security incident responses all along investigation, rectification, recovery, and post-mortem analysis with stakeholders.
- Educate and influence users at different levels to improve security awareness and vigilance against cyber threats.
- Support internal/external audits and conduct regular security assessments including policy compliance, vulnerability management, code review, and security configurations
- Monitor internal and global security/data privacy threats, and timely disseminate security alerts to the company and coordinate mitigative actions.
- Integrate security practices into software development and IT operations, embracing the shift-left / DevSecOps security principles.
- Provide security advisory and assurance to IT and business projects.
- Provide technical and operational support to major security controls and processes.
- Conduct ad-hoc duties as assigned
- Bachelor's Degree in Information Technology related discipline
- Security certificates e.g. CISSP / CEH / CISA / CCSK / CCSP
- Cloud certificates, e.g. Azure / AliCloud / AWS, preferably security related
- At least 6 years' IT experience (preferably in FMCG / CPG / Retail) with 3 years information or cyber security related
- Hands-on implementation or operation experience on Data Loss Protection / Privileged Access Management / Web Proxy / Endpoint Detection and Response / Mobile Device Management / Security Operation Centre
- Deployment experience in cloud infrastructure and security (e.g. CDN, DevSecOps, container, DDoS, WAF, jump server, micro-segmentation)
- Experience with cybersecurity framework like ISO 27001 ISMS, ISO 27017, CIS Critical Security Controls and NIST Cyber Security Framework
- Knowledge on data privacy standards and laws such as GDPR, CCPA is an advantage
- Administration experience in Windows, Linux and virtualization platforms
- Strong communication and presentation skills on Cybersecurity projects to Business community fluently in Cantonese, Mandarin and English
- Effective negotiation tactics and influencing skills
- Willing to travel
If this above description fits your experience and is something you would like to explore, please click 'Apply Now' to submit your resume to us.
Our specialist consultant will get in touch with you soon, if we find your profile suitable for this position or any other vacancies we are recruiting for.
Any questions, please feel free to contact Susan SH Wong at 3907 3977.