My client is seeking a group of highly skilled IT Risk and Compliance professionals, from Senior Specialist to Junior Specialist. The ideal candidate(s) will be responsible for developing and overseeing the organization's cybersecurity governance framework, managing risks, and ensuring compliance with regulatory and industry standards (such as PCI DSS, ISO 27001, NIST, GDPR and other relevant frameworks).
Requirements:
- Degree holders with a keen interest in cybersecurity, risk management, or compliance.
- For Specialist, minimum 2 years' experience; for Manager, 10 years' experience in technology or risk management industries, with at least 5 years in GRC or related security roles.
- Self-motivated and able to work independently. Strong project management, analytical, and interpersonal skills.
- Good command of written and spoken English and Chinese.
- Certification in cybersecurity or GRC, such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA), preferred.
- Hands-on experience with governance and risk platforms and compliance frameworks (e.g., PCI DSS, ISO 27001, CRAF, CI Bill) is highly preferred.
Please note that only shortlisted candidates will be notified. All information gathered will be treated in strict confidence and used solely for recruitment purposes.
