Talent.com
你所在的国家不提供此工作机会。
Senior Manager, Cybersecurity

Senior Manager, Cybersecurity

Tahoe Life Insurance Company LimitedHong Kong
30 天前
职位描述

Job Purpose :

The Senior Manager, Cybersecurity is responsible for establishing, maintaining, and continuously improving the company's information security framework to protect critical systems, data, and digital assets. This role oversees both 1st Line of Defence (Operational Security) and 2nd Line of Defence (Tech Risk Oversight) functions, ensuring that cybersecurity risks are effectively managed, security operations are robust, and regulatory compliance is maintained.

The position requires strong leadership in security operations, governance, risk management, compliance, and vendor management while supporting the company’s digital transformation initiatives and ensuring compliance with HKIA GL20 requirements.

Main Responsibilities :

1. Cybersecurity Operations & Incident Response (1st Line of Defense)

  • Lead the Security Operations Center (SOC) service provider, ensuring effective security monitoring, incident detection, and response.
  • Oversee firewall rule changes, access controls, audit logging, and security event reporting.
  • Collaborate with the SOC team to review system logs, alerts, and threat intelligence reports to detect and mitigate cyberattacks and insider threats.
  • Conduct and oversee vulnerability scanning, penetration testing, and system hardening to strengthen cyber resilience.
  • Manage security tools and technologies, including next-generation firewalls, WAF, IDS / IPS, email gateways, proxies, and DLP solutions.
  • Perform day-to-day security risk control reviews, particularly for change requests affecting security policies (e.g., firewall rule modifications).
  • Ensure effective incident response planning and execution, including coordination of annual cybersecurity drills with the SOC vendor.

2. Cybersecurity Governance, Risk & Compliance (2nd Line of Defense)

  • Develop and maintain the company’s cybersecurity risk management framework, ensuring alignment with industry standards (ISO 27001, NIST, CIS) and regulatory requirements (HKIA GL20).
  • Establish and enforce security policies, standards, and guidelines to maintain compliance with internal policies and external regulations.
  • Oversee security control effectiveness across IT systems, conducting periodic risk reviews and recommending improvements.
  • Lead and coordinate internal and external cybersecurity audits, ensuring compliance and facilitating remediation efforts.
  • Conduct functionality and gap analyses to evaluate business areas and IT infrastructure compliance against statutory and regulatory requirements.
  • Evaluate and recommend new security technologies and strategies to counter cyber threats and enhance protection.
  • Ensure continuous monitoring of cyber risks, tracking Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) for cybersecurity.
  • Perform regular reviews and updates of security policies, guidelines, and procedures to ensure compliance with GL20 requirements.
  • 3. Security Oversight, Reporting & Management

  • Provide regular cybersecurity risk reports to senior management, risk committees, and audit committees.
  • Act as an independent advisor to business units, guiding them on cybersecurity risks and regulatory compliance.
  • Oversee SOC vendor performance, ensuring high-quality service delivery and incident management.
  • Coordinate third-party risk assessments and ensure vendor security compliance.
  • Conduct regular cybersecurity awareness training programs for employees to strengthen internal security culture.
  • Prepare and present security updates and risk assessments in Information Technology Steering Committee meetings.
  • Support internal and external audits, ensuring compliance with GL20 and other regulatory requirements.
  • Lead and contribute to ad hoc security projects as assigned by management.
  • Incumbent Requirements :

    Qualifications & Certifications

  • Bachelor’s degree in information technology, Computer Science, or a related discipline.
  • Professional certifications such as CISA, CISM, CISSP are preferred.
  • Work Experience

  • 8+ years of experience in information security & cybersecurity roles.
  • Strong expertise in vendor management, including security system setup, security monitoring, and managed security services.
  • Proven experience in developing security policies and guidelines for insurance, banking, or financial institutions.
  • Hands-on experience with cybersecurity tools, including next-generation firewalls, WAF, IDS / IPS, DLP, and email security solutions.
  • Experience in vulnerability scanning, penetration testing, and system hardening is preferred.
  • Technical & Soft Skills
  • Strong knowledge of cybersecurity, cryptography, network security, cloud security, and threat intelligence.
  • Excellent analytical, problem-solving, and risk assessment skills.
  • Strong leadership, communication, and stakeholder management abilities.
  • Fluency in English and Mandarin (both written and spoken) is required.
  • 为此搜索创建职位提醒

    Senior Manager • Hong Kong

    相关职位
    Channel Manager - Cybersecurity

    Channel Manager - Cybersecurity

    Michael PageHong Kong
    The Channel Manager will build and manage a portfolio of partners across various ecosystems, ensuring they are fully enabled and technically competent. This role is ideal for a seasoned sales profes...展示更多上次更新时间:30 天前
    Senior Manager, IT Governance and Architecture

    Senior Manager, IT Governance and Architecture

    West KowloonHong Kong
    The West Kowloon Cultural District Authority welcomes exceptional talent with a passion to realise the vision and mission of making the West Kowloon Cultural District a prime local and internationa...展示更多最后更新时间: 17天前
    Cybersecurity Operational Technology Specialist, Asia

    Cybersecurity Operational Technology Specialist, Asia

    VeoliaHong Kong, Hong Kong
    Cybersecurity Operational Technology Specialist, Asia.Veolia group is the global leader in optimized resource management. The Group designs and provides water, waste and energy management solutions ...展示更多上次更新时间:30 天前
    Senior Manager, Finance

    Senior Manager, Finance

    Johnson ElectricChina, Hong Kong
    We are looking for a Senior Finance Manager to lead the finance team in driving the company’s financial strategy and planning, overseeing regulatory compliance, and ensuring the accuracy of the com...展示更多最后更新时间: 6天前
    Senior Store Manager

    Senior Store Manager

    Link ComplianceHongKong, Hong Kong
    Our client is a Luxury fashion brand in particular as well as ready-to-wear, bags, and other accessories.Relocation assistance and work visa will be provided. Supporting Store Managers in organising...展示更多最后更新时间: 14天前
    Business Development Executive - Electrical Cybersecurity

    Business Development Executive - Electrical Cybersecurity

    TUV Rheinland Hong Kong LtdHong Kong
    IoT cybersecurity business development according to international requirements, e.Conduct market research to uncover potential clients and new market segments. Build a pipeline of qualified sales le...展示更多上次更新时间:30 天前
    Senior Manager, Compliance

    Senior Manager, Compliance

    Dah Sing Financial GroupHong Kong
    Monitor and assess regulatory developments and ensure the bank's adherence to these requirements.Collaborate with business and functional units to ensurepliance with regulatory expectations and int...展示更多最后更新时间: 9天前
    Senior AML Manager

    Senior AML Manager

    Chiyu Banking Corporation LtdHong Kong
    Oversee and manage the AML Transaction Monitoring and Fraud Risk Management team to ensure effective detection, investigation, and reporting of suspicious activities. Acting as Alternate MLRO of the...展示更多上次更新时间:30 天前
    Senior Consultant - Cybersecurity, Data Protection & IT Risks

    Senior Consultant - Cybersecurity, Data Protection & IT Risks

    Sia PartnersHong Kong, Hong Kong
    We are currently looking for a Senior Consultant with Cybersecurity Advisory experience to join our team in HK.Within Sia Partners, you will join our Cybersecurity, Data Protection & IT Risks Globa...展示更多上次更新时间:30 天前
    Cybersecurity Engineer (2-4 experience)

    Cybersecurity Engineer (2-4 experience)

    CL Technical Services Ltd.Hong Kong
    Implement cybersecurity measurements and support networks security updates and user access evaluation.Perform vulnerability and risk assessments. Work with IT security and infrastructure teams in re...展示更多上次更新时间:30 天前
    Information Technology Manager / Officer (Cybersecurity)

    Information Technology Manager / Officer (Cybersecurity)

    明報網站Hong Kong, Hong Kong
    Information Technology Manager / Officer (Cybersecurity).HKCT ( ), HKCT Institute of Higher Education and Hong Kong College of Technology, committed to Vocational & Professional Education and Train...展示更多最后更新时间: 5天前
    Cybersecurity Specialist (Technical Lead)

    Cybersecurity Specialist (Technical Lead)

    Hong Kong Air Cargo Terminals Limited (Hactl)Hong Kong
    Take this challenge if you are / plan to transform your role into a cybersecurity professional.Protect People, Process, and Technology of the company. Facilitate transformation and improve business e...展示更多上次更新时间:30 天前
    Senior Project Manager.

    Senior Project Manager.

    PCCWHong Kong HK, HK
    Ensuring establishment and embedding delivery plans for one or more work stream elements of the overall delivery programme for the PCCWs delivery of eMPF. Ensuring standard project management techni...展示更多上次更新时间:30 天前
    Senior Risk Manager

    Senior Risk Manager

    Crypto ConnectHong Kong
    M Posted byRecruiterOur client are looking for Senior Risk Manager will work closely with departmental teams, ensuring they retain responsibility for the execution of risk management processes and ...展示更多最后更新:1 天前
    Cybersecurity Specialist

    Cybersecurity Specialist

    De'Longhi GroupHong Kong - ChinaHong Kong, CN
    Collaborate with the Group Cyber Security Competence Center to define and implement solutions and guidelines aimed at enhancing IT cybersecurity architecture. Provide prompt and effective support in...展示更多最后更新时间: 18天前
    Manager to Specialist, Governance & IT Risk (Cybersecurity)

    Manager to Specialist, Governance & IT Risk (Cybersecurity)

    Captiare LimitedHong Kong
    My client is seeking a group of highly skilledernance, Risk, andpliance (GRC) professionals, from Manager to Specialist, to be cybersecurity team. Degree holders with a keen interest in cybersecurit...展示更多最后更新时间: 12天前
    Senior / Network Specialist - cybersecurity

    Senior / Network Specialist - cybersecurity

    CaptiareHong Kong
    Firewall / network / VPN / routers & switches.Our client is a well-known organization with over 1000 staffs in Hong Kong. They are now looking for senior / network specialists to join their team.You wil...展示更多最后更新时间: 6天前
    • 新!
    Senior Manager / Manager (Actuarial)

    Senior Manager / Manager (Actuarial)

    HKMC Annuity LimitedHong Kong
    A Posted byRecruiterHKMC Annuity Limited, a wholly-owned subsidiary of The Hong Kong Mortgage Corporation Limited, is an authorized insurer to facilitate retirement financial planning through provi...展示更多最后更新时间: 10小时前