Our client is a government related organization and they are looking for Senior Manager for Cybersecurity. The client prefers strong candidate with FI experience to help develop strategy and roadmap for cybersecurity governance and management.
Key Responsibilities:
- Lead a small team to formulate strategy and road map for cybersecurity governance.
- Formulate strategy and roadmap of cybersecurity management to safeguard information assets and protect against cyber and technology risks.
- Develop, implement and maintain cybersecurity governance, policy, standards and procedures that align with industry standards, frameworks and good practices.
- Implement and manage effective security controls and measures to secure ICT infrastructure, systems, networks, storage and endpoints.
- Conduct regular cybersecurity resilience assessment to evaluate the control effectiveness and identify weaknesses to maintain the maturity and capability of the defined security posture.
- Deploy and manage security tools and technologies such as firewalls, intrusion detection systems, anti-malware software and encryption mechanisms.
- Collaborate with cross-functional teams to integrate security controls into new and existing ICT systems and projects.
- Stay updated on emerging cybersecurity threats, trends, and technologies to proactively mitigate risks and enhance security posture.
- Monitor and analyse security events and alerts to detect and respond to security incidents and breaches.
- Respond to cybersecurity incidents and breaches by implementing incident response procedures and coordinating with relevant stakeholders.
- Perform ICT outsourcing security assessment to mitigate cyber and technology risks and recommend appropriate remediation actions whenever appropriate.
- Conduct security awareness training and education programs for employees to promote cybersecurity awareness and best practices.
- Prepare management information, key risk indicators and reports related to cybersecurity activities to facilitate management decision making.
Key requirements:
- 10+ year proven experience as a cybersecurity specialist or similar role.
- Bachelor's degree or above in cybersecurity, information and communication technology related fields.
- Proficiency in cybersecurity architecture, frameworks and standards, with a strong understanding of security principles, technologies and best practices of cyber safeguard and defence.
- Experience of formal cybersecurity resilience assessment, associated methodology, processes and good practices.
- Experience with security techniques and tools such as firewalls, intrusion detection systems, anti-malware software, SIEM solution and vulnerability scanners.
- Good knowledge of cyber threat monitoring, analysis and prevention, and relevant techniques and tools to respond and protect against cybersecurity incidents and breaches.
- Good technical knowledge and understanding of the cybersecurity impacts for adopting new and existing technologies.
- Good interpersonal skills to be able to communicate, influence and negotiate with various stakeholders.
- Ability to self-start and take ownership of assigned tasks and projects.
- Proficiency in written and spoken English and Chinese.
- Industry recognized qualifications such as CISM, CISSP, CEH, CCSP and CCSK are desirable.
