Duties & Responsibilities:
- Maintain the information security framework.
- Defining and maintaining access privileges, control structures and resources to safeguard critical information assets and systems
- Evaluate the adequacy of internal security controls to ensure compliance with the information security policy while providing practical recommendations.
- Provide advice on security/auditability/controls related to information security in new systems.
- Assist in developing and implementing the information security strategy, methodologies, standards, framework, and techniques.
- Evaluate, recommend, and implement feasible security solutions to enhance system security for the Commission based on business needs.
- Manage security projects and actively collect project requirements, tendering, proposal evaluation, project kick-off, tracking, project delivery and post-project follow-up.
- Supervise security vendors and supporting staff to ensure their provided services and deliverables meet the service requirements and the committed service level
- Hold a degree in Computer Science, Information Management or any other related field.
- Have at least 7 years of working experience in application security assessment, vulnerability management and maintaining information security review framework. Applicants with less experience will be considered for the position of Assistant Manager.
- Hands-on experience analyzing source codes, logs, network data and other attack artifacts
- Experience and knowledge of different database security, endpoint security, web application firewall, and vulnerability scanning solutions will be an advantage
- Knowledge of cybersecurity frameworks and industry practices such as OWASP, NIST, and ISO27001 would be an advantage
- Certifications preferred: CISA, CISSP, OCSP, OSWE
- A strong sense of responsibility and impeccable integrity is preferred.
- Mature, proactive, quick-thinking with solid organizing & planning skills
- Excellent interpersonal and writing/presentation skills in both English and Chinese.
Please quote the reference and apply by 29 July 2022 with details of qualifications, previous experience, current and expected salary to:
Securities & Futures Commission
54/F, One Island East,
18 Westlands Road, Quarry Bay, Hong Kong
(E-mail address : firstname.lastname@example.org)
All applications will be handled in strict confidence by authorised personnel and will only be used for recruitment related purposes. Applicants who do not hear from us within six months from the application deadline may consider their applications as unsuccessful. All information on unsuccessful candidates will be destroyed after six months.
We are an EQUAL OPPORTUNITY EMPLOYER.