Insurer - CISO
- Posted 07 March 2023
- Salary HKD1600000 - HKD1800000 per annum
- Location Kwun Tong
- Job type Permanent
- Discipline Cyber Security
- Reference BH-4302
- Contact Name Nicholas Ng
Job description
Responsibilities:
- Take lead and drive the incident response process and drill
- Lead subordinate(s) to follow up on all security related issues in day-to-day operations and recommend security projects and enhancements where appropriate
- Monitor daily security issues and ensure information security exposures are identified and addressed. Promptly report potential risks and incidents that have occurred to management
- Evaluate, introduce, implement and monitor new information security solutions to protect the company networks, systems and data, including the contingency plan for system security services
- Ensure all Information Security related documentation (e.g. Security Policy) is completed on time, is of good quality and is up to date at all times. Ensure the corresponding procedures are strictly adhered to by all staff
- Coordinate with HR, introduce IT Security Policy to new staff in the Orientation Program, as well as arrange security awareness programs where necessary
- Ensure the services from external service providers and hardware/software vendors on information security related projects are prompt and of high quality
- Ensure all periodic reporting on information security issues is generated for IT management on time
- Responsible for budget recommendation on security software and equipment and the maintenance cost
- Assist in negotiating hardware/software acquisition for information security related projects in the best possible way
- Responsible for ensuring user support and training are organized where appropriate
- Perform ad hoc projects as assigned by supervisor
Requirements:
- University or Polytechnic graduate or equivalent, with a major in Computer science / studies
- At least 3 years of experience in People Management
- Minimum 10 years of experience in leading IT functions, of which at least 6 years of experience in information security, preferably in the financial services industry
- Professional designation in Information Security (e.g. CISSP, CISA or CISM) is required
- Hands-on experience in managing information security projects and solutions
- Knowledge of industry best practices such as ISO27001, COBIT and NIST CSF is an advantage