Business Information Security Officer

Location: Hong Kong, Hong Kong
Salary: Bonus
Posted: 28 days ago
Contract Type: Permanent
Industry: Information & Cyber Security
Contact Name: Rita Yu
Contact Email:

Rita Yu

Consultant, Hong Kong

See more of Rita Yu's jobs

Business Information Security Officer

A global leading insurer is looking for a Business Information Security Officer to join their fast-growing team in the regional office. Successful candidate will be able to develop his or her across different business functions in an international work environment.

Your role:

  • Engage with Business/IT to perform Information Security, Risk & Compliance assessments and drive remediation actions
  • Actively maintain good understanding and governance on IT security controls in Hong Kong and China business units
  • Collaborate with Risk Management to assess Cyber risk exposure for BUs
  • Collaborate with Business/IT to ensure application security controls are implemented throughout the application development life cycle
  • Validate security metrics provided by Group and drive remediation actions to fix security control gaps, e.g. security vulnerabilities, coverage of security technologies, application security, technical control compliance, etc.
  • Share Regional & BU level IT security dashboard to help BU management to understand IT security risk exposure and provide security consultancy on business, IT and projects
  • Facilitate the Global Security Awareness & Education initiatives at the BU level and drive the relative programs in the region
  • Coordinate and facilitate the IT security incidents response and forensic investigations
  • Communicate the Cyber threat alerts to the BUs and ensure the Global Cyber Threat Intelligence requests are fulfilled

Your Skills and Experience:

  • Minimum 8 years of professional experience in information security
  • Qualification in CISSP, CISA and CISM is an advantage
  • Good understanding of holistic set of IT technologies and processes, e.g. operating systems, databases, networking, web/application, change management, SDLC, disaster recovery, monitoring, help desk, etc.
  • Strong influencing skills with ability to communicate security-related concepts to a broad range of technical and non-technical staff for all levels
  • Excellent communication skills in both written and spoken English, Mandarin and Cantonese

To quickly apply, please kindly send your updated CV to this email: for a confidential chat.

Similar Jobs