Key Qualifications
- Over 7 years of relevant experience in cybersecurity, technology risk management, compliance, and security governance.
- A bachelor's degree in Information Security, Computer Science, Risk Management, or a related discipline.
- Strong project management capabilities for overseeing multiple complex remediation initiatives simultaneously.
- Knowledge of cloud platforms such as Alibaba Cloud, AWS, and GCP, particularly their security services.
- In-depth understanding of regulatory frameworks and standards, including ISO 27001, NIST CSF, PCI-DSS, SOC 1/2, and CCSS.
- Fluent in both Chinese and English, with excellent written and verbal communication skills.
- Proven track record in managing large-scale security control implementations or compliance remediation projects, with effective tracking of progress.
- Exceptional communication skills for engaging with auditors, regulators, and cross-functional teams at all organizational levels.
- Familiarity with data protection laws and regulations (such as GDPR) and the compliance challenges posed by new technologies.
- Ability to adapt to rapidly changing technological and regulatory environments.
- One or more of the following certifications is preferred: CISSP, CISA, CISM, CRISC, or CCSS.
Roles and Responsibilities
- Assess and track the organization's security compliance status while suggesting actionable improvements.
- Conduct self-assessments of security maturity and risk assessments to pinpoint gaps and promote remediation efforts.
- Work collaboratively with various business units, engineering teams, and stakeholder groups, including risk and compliance, to implement governance measures and foster secure technical processes.
- Develop dashboards and reports for leadership, highlighting governance effectiveness, security metrics, and important updates.
- Stay updated on industry trends to adjust governance strategies and improve security maturity.
- Promote continuous enhancement of governance processes through collaboration with cross-functional teams.
- Create and uphold IT governance policies and procedures, ensuring they comply with industry standards and regulatory mandates.
- Ensure adherence to regulatory requirements across different jurisdictions by performing gap analyses and offering advisory support.
If this job isn't quite right for you, but you know someone who would be great at this role, why not take advantage of our referral scheme? We offer HKD1000 in Apple gift cards for every referred candidate who we place in a role. Terms & Conditions Apply. https://www.ambition.com.hk/refer-a-friend
