Cyber Security Manager, Apac IT
国家/地区 : 香港地区
城市 : Hong Kong
类别 : 计算机 - 网络
合同类别 : 正式员工
工作性质 : 全职
Reporting to the Senior Director, the ECR function in Asia Pacific, the primary responsibility of this role is to manage all the regional mandates of cyber security and support the global project rollout. This role supports and manages the various aspects of IT Security, Cyber security, ITGC process, SOX compliance and PCIDSS requirements, partnership with other IT functional teams as well as the strategic partners for operational mandates and project execution. Key Roles & Responsibilities: - Support the Regional Director for the range of planned initiatives and operational BAU tasks as required. - Participate the development, implementation, and oversight of policies, processes, controls and toolkits supporting a global framework rollout in Asia Pacific. This framework will be used to guide long-term global strategies and, more importantly, assist IT LT with the management of security issues within their daily operations. - Interface with other business and control functional groups in order to ensure consistent regional standards across Asia Pacific. In addition, this role needs to work closely with the following parties within the GIS organization to ensure the necessary technical components are in place and ensure smooth delivery of initiatives: - Global Technology Infrastructure - Application Groups - Project Management Office - Enterprise Architecture - Enterprise Data Management - Vendor Management Office - Strategic Vendors Problem Solving (45%) - Provide Advice and Consult services to the affiliate / regional IT fellow teams and business users in the areas of: - Support IT and Cyber security awareness - Maintain policy exception management - Conduct ITGC and SOX compliance monitoring - Conduct vendor risk assessment - Conduct secure code advisory and testing - Conduct penetration testing - Support security incident management process - Support security engineering - Support threat management process Independence of Action and Accountability (35%) - Coordinate with our strategic partner to streamline/prioritize, and ensure quality of support and enhancements delivered - Ensure alignment of works to the GIRS strategy - Provide guidance to our strategic vendors in project execution - Manage our strategic vendors to ensure delivery quality - Manage offshore supporting resources to ensure support quality - Provide Quality Assurance in solutions delivered by our strategic partners - Liaise with our strategic partners in technical solution proposal review - Assist in conducting SME review on technical proposals submitted by strategic partners - Assist in the communication and promotion of GIRS initiatives to ensure stakeholders awareness Decision Making (10%) - Make day to day operational decisions to support project / enhancements executions. Budget Responsibilities (10%) - Assist in the project budget planning process by working closely with other functions within IT and strategic partners. - Assist in conducting review on project approach, project organization, schedule and resource loading in proposals submitted by strategic partners.
Skills & Requirements: - Bachelor of Computer Science / Information Technology or other related disciplines - Excellent command in English, Cantonese. Mandarin is an advantage. - Excellent interpersonal skills including verbal and written communication, teamwork, and issue resolution - Strong analytic and problem-solving mindset; the individual should be highly motivated and self-directed - Ability to communicate and work with both technical and non-technical team members - 8+ years of hands on experience in different IT security domain areas - Sounds experience in ethical hacking (infrastructure and application), security incident management, threat and vulnerabilities management, vendor risk management and IT compliance monitoring (SOX and PCIDSS) - Functional experience in software development (JAVA, .NET, C#, Python) and secure code review will be an added advantage.