Job Descriptions:
- To provide professional security advisory and recommendations on IT solutions and systems from risk perspective;
- To assist in implementation of new regulations in relation to Cyber Security and IT control;
- To conduct security and cloud risk assessment on systems and/or technical controls to identify potential security threats and vulnerabilities, and to mitigate risks;
- To maintain Security Risk Register and communicate the identified risks and impacts with stakeholders;
- To collaborate with other subject matter experts on security assessment and oversee penetration testing and threat intelligence simulation attack;
- To provide support and timely advices for IT incident handling management; and
- To review and update security policies and operations process periodically for security control enhancement.
Requirements:
- Degree holder in Information Security, Computer Science, Information Management Systems, Risk Management or equivalent;
- A minimum of 8 years of experience in the field of information security, security risk or related disciplines;
- Familiar with regulatory environment of insurance or financial services industry, in particular of IT related requirements;
- In-depth understanding of cloud security principles and best practices, with experience in securing cloud environments (e.g. Azure & AWS);
- Solid understanding of application security, including secure coding practices, vulnerability assessment and secure deployment methodologies;
- Proven track record in leading and implementing successful information security initiatives programs; and
- Relevant certification e.g., CISSP, CISA, OSCP, CEH, ISO 27001, NIST or equivalent, is an advantage.
Interested parties please send your full resume starting your current and expected salary by 2 February 2025.
Please visit https://www.hkmca.hk/eng/about_us/careers.html for other application methods.
Please ensure that all information provided to the HKMC Group is accurate, complete and updated. Data provided which is inaccurate or incomplete may influence the process and outcome of the recruitment exercise. Please read the HKMCA Personal Information Collection Statement for Recruitment of Prospective Staff Members and Licensed Individual Insurance Agents at the HKMCA website before completing the application form. Personal data collected will be used for recruitment purposes only. Candidates not invited for interview within 8 weeks may consider their application unsuccessful.