Our top tier Insurance client is looking for a skilled Risk+ Informatin Security Managerila candidate to join them as Senior Manager in the Cyber Security team.
This position plays a significant role in supporting management and Director of Information Security("IS") of the company to promote and enhance the maturity of cybersecurity resilience of the organisation.
Permanent, full-tme position.
(Daily operation) Information Security Advisory and Assessment:
Assess and evaluate information security products and solutions
Advise and assess security control of mission-critical applications and IT infrastructure services
Facilitate the deployment of strategic information security solutions to address the cyber threat and information security risk exposure
Ensure the cybersecurity resilience to proactively prevent from business disruption or service outage
Reduce risk exposure, improve efficiency, and strike balance of data protection
Communications and engagement with key stakeholders such as Head of IT teams and Head of Departments:
Improve the awareness of the senior management, business users and IT professional on the technology threat the company is facing and more sensitive on protecting customers' interest and privacy
Promote the importance of the compliance of company standard, and driving thought leadership in this evolving paradigm
Coordinate ad-hoc cross-functional teams on special projects or strategic initiatives relating to IS
Communicate with group offices, business partners, corporate clients, IT vendors and external parties on information security matters, as and when needed
You are required to obtain the relevant license(s) if your job involves regulated activities
Minimum Job Requirements:
Degree holder in Computer Science, Information Systems, Engineering, Risk Management, or a related discipline
Minimum of 10 years on IT project management and information security field with experience & proven success in architecting, delivering or assessing cybersecurity and/or cloud security
Knowledgeable of cloud industry trends for driving thought leadership in this evolving paradigm, and security challenges associated on the cloud journey utilising an "As a Service" model
Solid knowledge in authentication solutions, like Multi-factor Authentication (MFA), OAuth2, SAML and encryption solutions, like RSA, AES, Azure key vault
In-depth knowledge in hardening Internet-facing applications with highly confidential information.
Hand-on experience of various security tools, like Burp Suite, openssl
Very good understanding and demonstrated use of DevOps tools (e.g. Jenkins, Ansible) with CICD capabilities
Experience in 24x7x365 support will be an advantage
Holder of relevant IT security professional qualification preferred (such as CISA, CISM, CISSP etc.)
Excellent communication (written and oral) skills, and demonstrable experience as a highly effective facilitator of cross functional teams
Ability to solve complex problems while effectively communicating technical concepts.
Ability to learn and apply new technologies quickly
Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems