Our client, a leading international financial institution, is seeking an experienced and technically proficient Manager to join their Information Security team. The successful candidate will play a key role in strengthening the organizations cybersecurity posture, ensuring compliance with regulatory standards, and supporting audit and governance activities across infrastructure and operations.
Responsibilities
Develop, implement, and maintain information security policies, procedures, and configuration baselines
Oversee infrastructure security and compliance, ensuring alignment with corporate standards and industry best practices
Perform regular and ad-hoc security acceptance tests on servers, networks, databases, and security devices
Conduct periodic reviews of firewall rulesets and other security tooling to ensure only necessary protocols and services are enabled
Monitor and manage security tools and systems (e.g., IDS/IPS, endpoint protection, SIEM platforms such as Splunk) and respond to security incidents in coordination with relevant teams
Manage the lifecycle of digital certificates and encryption keys, including issuance, renewal, revocation, and secure storage
Lead and coordinate audit-related activities, including evidence collection, report generation, and timely delivery to internal and external auditors
Support compliance initiatives across cybersecurity, data privacy, and operational risk domains
Requirements
University degree or diploma in Computer Science, Information Technology, or a related discipline
Professional certifications such as CISSP, CISA, CISM, or CCSP are strongly preferred
Minimum 5–8 years of relevant experience in IT security, infrastructure security, or a similar role; prior experience in the banking or financial services industry is advantageous
Solid understanding of network and infrastructure security, security policy frameworks, and regulatory standards (e.g., ISO 27001, HKMA, SFC)
Proven experience supporting audit and compliance processes, including internal/external audits and regulatory reviews
Strong analytical and problem-solving skills, with excellent communication and documentation abilities
Self-motivated, detail-oriented, and capable of working both independently and collaboratively in a team environment