Lead cybersecurity management, including establishing cybersecurity standards, performing technical evaluation, and proactively mitigating cybersecurity and cloud-security risks, as well as responding to security incidents
Ensure that cybersecurity-related projects are delivered on time and that relevant controls are performed accurately and properly according to the Bank’s standard procedures and regulatory requirements
Provide technical guidance to the infrastructure and systems team to enforce cybersecurity controls.
Work with technical and business units across the organization as a security reference point, offering advice, support, and guidance on a wide range of security issues.
Deploy, migrate and maintain cybersecurity solutions in accordance with company security policies and best practices in security.
Partner with risk management units, technical support teams and related stakeholders to deliver complete cybersecurity solutions.
Plan cybersecurity requirements, and construct, validate and deploy the system.
Monitor and detect malicious activity once the system is deployed.
Handle and coordinate in the event of cyber incident response.
Analyze existing structures and attempt to come up with new, enhanced security solutions.
Manage the security administration functions to ensure control effectiveness.
Conduct security testing and assessments against the Bank’s standard procedures and regulatory requirements, including C-RAF and iCAST.
Perform third-party risk assessments and site visits with relevant business users to identify and mitigate potential security risks arising from third-party engagement.
Identify gaps between current technical infrastructure and required compliance standards. Prepare detailed reports highlighting areas of non-compliance or potential improvement.
Requirements
University graduate, preferably majoring in Computer Science related subjects or equivalent; OR
Preferably over 10 years’ experience in cybersecurity or a related sector, covering the following:
At least 5 years in 1st line cybersecurity management, technology risk management or technology audit;
At least 3 years in a team lead/management role;
Technical background, understanding of security technologies, security controls and security best practice;
Proficient in security capabilities and security best practice;
Understanding of how to properly configure security settings for cybersecurity protection and detection tools
Good project management and leadership skills;
A team leader with good communication skills and risk awareness;
Certified in CISSP, CISA or related professional certification
Good command of both spoken and written English and Chinese; fluency in Putonghua is preferable.