Duties:
- Develop, review and update on the security related policies, standards and guidelines.
- Perform on-going analysis and continuous improvement of risk assessment process, procedures and reporting.
- Follow-up security and risk findings with corresponding parties.
- Promote cyber security awareness over the organisation.
- Manage and follow-up of IT audit and compliance issues.
- Assist on IT security projects delivery.
Requirements:
- Degree in IT or relevant discipline or above
- The candidate shall have obtained the any certificate is preferred: CISSP, CCSP, CISA, CRISC, CISM, CEH, ISO/IEC 27001 Lead Auditor, CompTIA Security+, GSEC
- At least 3 years hands-on experience in IT Risk, information security or cyber security.
- Sound knowledge of cyber security best practices, standards and frameworks e.g. NIST CSF or ISO 27001
- Experience in developing security policies, standards or guides
- Experience in managing cyber security solutions
- Experience in a sizable company or Critical Infrastructure organization is an advantage
- Experience in security awareness programs, IT audits, cloud security is an advantage
- Good command of English and Chinese.
- Candidate with less experience will be considered as Information Security Specialist
Interested parties please share your resume by Apply Now.
