Exciting opportunity for candidates with between 3-5 years of experience in the Information Security Risk & Compliance side to Develop and manage the technical risk governance framework & risk portfolio, which follows the IT control standards and guidelines. With a Global Insurance firm.
Roles & Responsibilities:
Communications and engagement with key stakeholders
- Coordinate and support compliance assessment and security audits conducted by regulators and internal/external auditors
- Coordinate inputs and craft accurate and effective responses to enquiries on IS matters coming from regulators and auditors
Awareness-raising campaigns for employees
- Organize regular activities and develop localized materials to raise the awareness of employees at all levels on various cybersecurity controls and practices, and other topical issues
- Maintain and curate the internal IS Information Hub in the company intranet
- Coordinate ad-hoc cross-functional teams on special projects or strategic initiatives relating to IS
- Communicate with group offices, business partners, corporate clients, IT vendors and/or external parties on IT security matters, as and when needed
Minimum Job Requirements:
- Degree holder in Computer Science, Information Systems, Business, Finance, Risk Management, or a related discipline.
- Minimum of 3 years of relevant and solid experience in risk management and control (preferably in the area of information security and technology risk), gained from international financial institutions, financial regulators or external consulting firms.
- Holder of relevant audit professional qualification and/or IT security certificates preferred (such as CISA, CISM, CISSP etc.).
- Experience in handling audit-related assignments and cybersecurity assessments against information security frameworks or standards, such as HKMA's CRAF, ISO 27001, NIST Cyber, etc.
- Familiar with relevant control requirements from different regulatory bodies of Hong Kong, such as Insurance Authority, Mandatory Provident Fund Schemes Authority, etc.
- Excellent communication (written and oral) skills, and demonstrated experience as a highly effective facilitator of cross functional teams.
- Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems.
You are required to obtain the relevant license(s) if your job involves regulated activities