Responsibilities

• Develop and implement cybersecurity policies, controls, and technologies to protect the company’s infrastructure, applications, data, and systems
• Perform risk assessments to identify vulnerabilities and threats to the organization
• Deploy and integrate endpoint, network, and cloud security tools like anti-malware, IAM, DLP, and threat intelligence
• Monitor security tools and analyze alerts to detect and respond to cyber threats
• Investigate security incidents and anomalies and recommend corrective actions
• Create and deliver security awareness training for employees
• Stay up-to-date with compliance requirements and security best practices
• Collaborate with IT and other teams to embed security across the company

Required Skills

• Minimum 6 years working exposure in Security, IT Audit, or IT risk exposures
• Bachelor’s degree in Computer Science, Information Technology or related field.
• Executes creative security solutions, design, development through architecture, and technical troubleshooting with the ability to think beyond routine or conventional approaches to build solutions and break down technical problems pertaining to Info-security setup/policies
• Develop, configure, test and deploy a multitude of components & on various platform, leveraging best practice principles
• Independent and able to perform tasks with minimum supervision
• Excellent communication and interpersonal skills
• Good infographic knowledge/skillsets for management reporting
• Knowledgeable in compliance with ISO27001, NIST CSF, SWIFT CSCF, HKMA, SFC, IA etc, relevant guidelines and regulatory notices
• Knowledgeable in IT controls, application security and risk management methodology
• Knowledgeable with cryptographic algorithm/functions and key management
• Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage
• Knowledgeable with application development experience and programming/coding will be an advantage
• Adds to team culture of diversity, equity, inclusion, and respect.
• Familiarity in Digital Banking and FinTech solutions will be an advantage
• Certified in CCIE, CISSP or CASP would be an advantage.