Back to job search

Information Security, Principal (Senior Manager Level)

  • Location:

    Hong Kong

  • Sector:


  • Job type:


  • Salary:

    Salary + bonus + medical + std. benefits

  • Contact:

    Preksha Tripathi

  • Contact email:

  • Job ref:


  • Published:

    about 1 month ago

  • Expiry date:


  • Startdate:


Our top tier Insurance client is looking for a skilled Risk+ Informatin Security Managerila candidate to join them as Senior Manager in the Cyber Security team.

This position plays a significant role in supporting management and Director of Information Security("IS") of the company to promote and enhance the maturity of cybersecurity resilience of the organisation.

Permanent, full-tme position.

(Daily operation) Information Security Advisory and Assessment:

  • Assess and evaluate information security products and solutions

  • Advise and assess security control of mission-critical applications and IT infrastructure services

  • Facilitate the deployment of strategic information security solutions to address the cyber threat and information security risk exposure

  • Ensure the cybersecurity resilience to proactively prevent from business disruption or service outage

  • Reduce risk exposure, improve efficiency, and strike balance of data protection

Communications and engagement with key stakeholders such as Head of IT teams and Head of Departments:

  • Improve the awareness of the senior management, business users and IT professional on the technology threat the company is facing and more sensitive on protecting customers' interest and privacy

  • Promote the importance of the compliance of company standard, and driving thought leadership in this evolving paradigm


  • Coordinate ad-hoc cross-functional teams on special projects or strategic initiatives relating to IS

  • Communicate with group offices, business partners, corporate clients, IT vendors and external parties on information security matters, as and when needed

  • You are required to obtain the relevant license(s) if your job involves regulated activities

Minimum Job Requirements:

  • Degree holder in Computer Science, Information Systems, Engineering, Risk Management, or a related discipline

  • Minimum of 10 years on IT project management and information security field with experience & proven success in architecting, delivering or assessing cybersecurity and/or cloud security

  • Knowledgeable of cloud industry trends for driving thought leadership in this evolving paradigm, and security challenges associated on the cloud journey utilising an "As a Service" model

  • Solid knowledge in authentication solutions, like Multi-factor Authentication (MFA), OAuth2, SAML and encryption solutions, like RSA, AES, Azure key vault

  • In-depth knowledge in hardening Internet-facing applications with highly confidential information.

  • Hand-on experience of various security tools, like Burp Suite, openssl

  • Very good understanding and demonstrated use of DevOps tools (e.g. Jenkins, Ansible) with CICD capabilities

  • Experience in 24x7x365 support will be an advantage

  • Holder of relevant IT security professional qualification preferred (such as CISA, CISM, CISSP etc.)

  • Excellent communication (written and oral) skills, and demonstrable experience as a highly effective facilitator of cross functional teams

  • Ability to solve complex problems while effectively communicating technical concepts.

  • Ability to learn and apply new technologies quickly

  • Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems

The world of contracting: Where stability meets flexibility | Wednesday 20 Oct | 1pm

Thinking of handing in your notice?

Download our Counteroffer Guide for advice on how to navigate counteroffers why they're made, reasons to accept or decline, and what you should consider before making your decision.