The role will support the Group CISO on group cybersecurity program/projects prioritization, prerequisites, workload estimation, capacity planning, budget, tendering, and cybersecurity ROI.
Responsibilities:
- Collaborate with operating companies to ensure proper roll-out of global security program
- Define with operating companies the metrics and reporting strategies, to effectively evaluate program's progress and areas for improvement
- Support major and complex cybersecurity projects with tactical, operational, and strategic impact on all in-scope operating companies
- Contribute in vendor selection processes, and manage external security management vendors and service providers to support security planning and implementation
- Liaise among the Group, operating companies, and project teams/vendors, to consolidate requirements and difficulties from multiple projects
- Ensure project risks are identified, and mitigation plans are defined and implemented
- Consolidate inputs from various parties, and promote communication and awareness of the program with all operating companies
Requirements:
- Bachelor's degree or above in Information Security Management, Computer Science and Technology, Network and Telecommunication, and Information Systems Management
- At least 10 years of cybersecurity experience, with at least 3 years of cybersecurity project management
- Solid experience in executing RFP in tendering processes, vendor negotiation, and allocating massive budget and cost spending
- Attainment of relevant certificates, e.g. CISSP, CRISC, CISA, PMP, PRINCE2, is preferred
- Excellent communication skills in both written and spoken English and Chinese. Fluent Putonghua is desirable
