Responsibilities :
Develop and implement data security policies, procedures, and controls to protect sensitive information and in accordance with applicable regulations (e.g., GDPR, PIPL)
Classify and secure data based on its sensitivity and regulatory requirements.
Implement and maintain encryption, masking, and other data protection technologies.
Collaborate with cross-functional teams to embed privacy-by-design principles in new and existing projects.
Ensure the organization’s data processing activities are fully documented and regularly reviewed.
Monitor regulatory developments and advise on potential impact to business operations.
Conduct regular reviews of internal processes to ensure ongoing compliance.
Perform comprehensive risk assessments to identify and mitigate compliance, operational, and reputational risks.
Develop and execute risk management strategies and recommend corrective actions.
Prepare and deliver regular risk reports to senior management.
Requirements :
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
3-5 years proven experience in data security, data privacy, information security, or a related role.
Strong understanding of data protection principles, regulations, and frameworks (e.g., GDPR, CCPA, HIPAA, NIST).
Experience with security tools such as Data Loss Prevention (DLP), encryption technologies, and SIEM platforms
Security certificate e.g. CISM, CISSP, CISA, CEH
Strong analytical, problem-solving, and presentation skills
Excellent communication and interpersonal skills to collaborate with cross-functional teams
Proficiency in both written and spoken English and Chinese, including Mandarin
Data Engineer • Hong Kong