你所在的国家不提供此工作机会。
Senior Manager, Cybersecurity
Tahoe Life Insurance Company LimitedHong Kong30 天前
职位描述Develop and maintain the company’s cybersecurity risk management framework, ensuring alignment with industry standards (ISO 27001, NIST, CIS) and regulatory requirements (HKIA GL20). Establish and enforce security policies, standards, and guidelines to maintain compliance with internal policies and external regulations. Oversee security control effectiveness across IT systems, conducting periodic risk reviews and recommending improvements. Lead and coordinate internal and external cybersecurity audits, ensuring compliance and facilitating remediation efforts. Conduct functionality and gap analyses to evaluate business areas and IT infrastructure compliance against statutory and regulatory requirements. Evaluate and recommend new security technologies and strategies to counter cyber threats and enhance protection. Ensure continuous monitoring of cyber risks, tracking Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) for cybersecurity. Perform regular reviews and updates of security policies, guidelines, and procedures to ensure compliance with GL20 requirements. Provide regular cybersecurity risk reports to senior management, risk committees, and audit committees. Act as an independent advisor to business units, guiding them on cybersecurity risks and regulatory compliance. Oversee SOC vendor performance, ensuring high-quality service delivery and incident management. Coordinate third-party risk assessments and ensure vendor security compliance. Conduct regular cybersecurity awareness training programs for employees to strengthen internal security culture. Prepare and present security updates and risk assessments in Information Technology Steering Committee meetings. Support internal and external audits, ensuring compliance with GL20 and other regulatory requirements. Lead and contribute to ad hoc security projects as assigned by management. Bachelor’s degree in information technology, Computer Science, or a related discipline. Professional certifications such as CISA, CISM, CISSP are preferred. 8+ years of experience in information security & cybersecurity roles. Strong expertise in vendor management, including security system setup, security monitoring, and managed security services. Proven experience in developing security policies and guidelines for insurance, banking, or financial institutions. Hands-on experience with cybersecurity tools, including next-generation firewalls, WAF, IDS / IPS, DLP, and email security solutions. Experience in vulnerability scanning, penetration testing, and system hardening is preferred. Technical & Soft Skills Strong knowledge of cybersecurity, cryptography, network security, cloud security, and threat intelligence. Excellent analytical, problem-solving, and risk assessment skills. Strong leadership, communication, and stakeholder management abilities. Fluency in English and Mandarin (both written and spoken) is required.
Job Purpose :
The Senior Manager, Cybersecurity is responsible for establishing, maintaining, and continuously improving the company's information security framework to protect critical systems, data, and digital assets. This role oversees both 1st Line of Defence (Operational Security) and 2nd Line of Defence (Tech Risk Oversight) functions, ensuring that cybersecurity risks are effectively managed, security operations are robust, and regulatory compliance is maintained.
The position requires strong leadership in security operations, governance, risk management, compliance, and vendor management while supporting the company’s digital transformation initiatives and ensuring compliance with HKIA GL20 requirements.
Main Responsibilities :
1. Cybersecurity Operations & Incident Response (1st Line of Defense)
- Lead the Security Operations Center (SOC) service provider, ensuring effective security monitoring, incident detection, and response.
- Oversee firewall rule changes, access controls, audit logging, and security event reporting.
- Collaborate with the SOC team to review system logs, alerts, and threat intelligence reports to detect and mitigate cyberattacks and insider threats.
- Conduct and oversee vulnerability scanning, penetration testing, and system hardening to strengthen cyber resilience.
- Manage security tools and technologies, including next-generation firewalls, WAF, IDS / IPS, email gateways, proxies, and DLP solutions.
- Perform day-to-day security risk control reviews, particularly for change requests affecting security policies (e.g., firewall rule modifications).
- Ensure effective incident response planning and execution, including coordination of annual cybersecurity drills with the SOC vendor.
2. Cybersecurity Governance, Risk & Compliance (2nd Line of Defense)
3. Security Oversight, Reporting & Management
Incumbent Requirements :
Qualifications & Certifications
Work Experience
为此搜索创建职位提醒
Senior Manager • Hong Kong
相关职位
)
Channel Manager - Cybersecurity
Michael PageHong Kong The Channel Manager will build and manage a portfolio of partners across various ecosystems, ensuring they are fully enabled and technically competent.
This role is ideal for a seasoned sales profes...展示更多上次更新时间:30 天前
Senior Manager, IT Governance and Architecture
West KowloonHong Kong The West Kowloon Cultural District Authority welcomes exceptional talent with a passion to realise the vision and mission of making the West Kowloon Cultural District a prime local and internationa...展示更多最后更新时间: 17天前
Cybersecurity Operational Technology Specialist, Asia
VeoliaHong Kong, Hong Kong Cybersecurity Operational Technology Specialist, Asia.Veolia group is the global leader in optimized resource management.
The Group designs and provides water, waste and energy management solutions ...展示更多上次更新时间:30 天前
Senior Manager, Finance
Johnson ElectricChina, Hong Kong We are looking for a Senior Finance Manager to lead the finance team in driving the company’s financial strategy and planning, overseeing regulatory compliance, and ensuring the accuracy of the com...展示更多最后更新时间: 6天前
Senior Store Manager
Link ComplianceHongKong, Hong Kong Our client is a Luxury fashion brand in particular as well as ready-to-wear, bags, and other accessories.Relocation assistance and work visa will be provided.
Supporting Store Managers in organising...展示更多最后更新时间: 14天前
Business Development Executive - Electrical Cybersecurity
TUV Rheinland Hong Kong LtdHong Kong IoT cybersecurity business development according to international requirements, e.Conduct market research to uncover potential clients and new market segments.
Build a pipeline of qualified sales le...展示更多上次更新时间:30 天前
Senior Manager, Compliance
Dah Sing Financial GroupHong Kong Monitor and assess regulatory developments and ensure the bank's adherence to these requirements.Collaborate with business and functional units to ensurepliance with regulatory expectations and int...展示更多最后更新时间: 9天前
Senior AML Manager
Chiyu Banking Corporation LtdHong Kong Oversee and manage the AML Transaction Monitoring and Fraud Risk Management team to ensure effective detection, investigation, and reporting of suspicious activities.
Acting as Alternate MLRO of the...展示更多上次更新时间:30 天前
Senior Consultant - Cybersecurity, Data Protection & IT Risks
Sia PartnersHong Kong, Hong Kong We are currently looking for a Senior Consultant with Cybersecurity Advisory experience to join our team in HK.Within Sia Partners, you will join our Cybersecurity, Data Protection & IT Risks Globa...展示更多上次更新时间:30 天前
Cybersecurity Engineer (2-4 experience)
CL Technical Services Ltd.Hong Kong Implement cybersecurity measurements and support networks security updates and user access evaluation.Perform vulnerability and risk assessments.
Work with IT security and infrastructure teams in re...展示更多上次更新时间:30 天前
Information Technology Manager / Officer (Cybersecurity)
明報網站Hong Kong, Hong Kong Information Technology Manager / Officer (Cybersecurity).HKCT ( ), HKCT Institute of Higher Education and Hong Kong College of Technology, committed to Vocational & Professional Education and Train...展示更多最后更新时间: 5天前
Cybersecurity Specialist (Technical Lead)
Hong Kong Air Cargo Terminals Limited (Hactl)Hong Kong Take this challenge if you are / plan to transform your role into a cybersecurity professional.Protect People, Process, and Technology of the company.
Facilitate transformation and improve business e...展示更多上次更新时间:30 天前
Senior Project Manager.
PCCWHong Kong HK, HK Ensuring establishment and embedding delivery plans for one or more work stream elements of the overall delivery programme for the PCCWs delivery of eMPF.
Ensuring standard project management techni...展示更多上次更新时间:30 天前
Senior Risk Manager
Crypto ConnectHong Kong M Posted byRecruiterOur client are looking for Senior Risk Manager will work closely with departmental teams, ensuring they retain responsibility for the execution of risk management processes and ...展示更多最后更新:1 天前
Cybersecurity Specialist
De'Longhi GroupHong Kong - ChinaHong Kong, CN Collaborate with the Group Cyber Security Competence Center to define and implement solutions and guidelines aimed at enhancing IT cybersecurity architecture.
Provide prompt and effective support in...展示更多最后更新时间: 18天前
Manager to Specialist, Governance & IT Risk (Cybersecurity)
Captiare LimitedHong Kong My client is seeking a group of highly skilledernance, Risk, andpliance (GRC) professionals, from Manager to Specialist, to be cybersecurity team.
Degree holders with a keen interest in cybersecurit...展示更多最后更新时间: 12天前
Senior / Network Specialist - cybersecurity
CaptiareHong Kong Firewall / network / VPN / routers & switches.Our client is a well-known organization with over 1000 staffs in Hong Kong.
They are now looking for senior / network specialists to join their team.You wil...展示更多最后更新时间: 6天前
- 新!
Senior Manager / Manager (Actuarial)
HKMC Annuity LimitedHong Kong A Posted byRecruiterHKMC Annuity Limited, a wholly-owned subsidiary of The Hong Kong Mortgage Corporation Limited, is an authorized insurer to facilitate retirement financial planning through provi...展示更多最后更新时间: 10小时前