A highly diversified and global corporation. Our Cybersecurity team is now inviting candidates to apply for the following position:

Responsibilities:

• Develop, implement, and update security policies based on designated framework, emerging cyber threats, and industry best practices
• Lead the information security compliance program across Group, and establish appropriate cybersecurity framework
• Collaborate with operating companies and Group Internal Audit, to track and remediate security risks, and to report security compliance issues through security dashboard
• Build and implement security awareness program to communicate security policies, and develop information security training plans and awareness activities for Group
• Lead the creation, procurement, and delivery of awareness deliverables and learning content for Group
• Manage the creation and procurement of vendor security risk and compliance platform
• Monitor performance of vendors, and identify and escalate any associated security risks
• Work with Risk Management to manage cyber insurance program for Group, and ensure a comprehensive coverage of cyber insurance policy

Requirements:

• Bachelor's degree in Information Security Management, Computer Science and Technology, Network and Telecommunication, and Information Systems Management
• 10+ years of cybersecurity working experience, with at least 3 years in security governance and compliance
• Proven track record in developing security policies, and leading audit and compliance program
• Sound experience in vendor management, and security awareness training delivery
• Strong understanding about security framework, such as NIST CSF, ISO 27001/2/5, CIS
• Attainment of certificates, e.g., CISSP, CRISC, CISA, CISM, would be preferred
• Excellent communication skills in both written and spoken English and Chinese. Fluent Putonghua is desirable