Key Responsibilities

• Report to Head of Information and Communication Technology (ICT).
• Formulate strategy and roadmap of cybersecurity management to safeguard information assets and protect against cyber and technology risks.
• Develop, implement and maintain cybersecurity governance, policy, standards and procedures that align with industry standards, frameworks and good practices.
• Implement and manage effective security controls and measures to secure ICT infrastructure, systems, networks, storage and endpoints.
• Conduct regular cybersecurity resilience assessment to evaluate the control effectiveness and identify weaknesses to maintain the maturity and capability of the defined security posture.
• Deploy and manage security tools and technologies such as firewalls, intrusion detection systems, anti-malware software and encryption mechanisms.
• Collaborate with cross-functional teams to integrate security controls into new and existing ICT systems and projects.
• Stay updated on emerging cybersecurity threats, trends, and technologies to proactively mitigate risks and enhance security posture.
• Monitor and analyse security events and alerts to detect and respond to security incidents and breaches.
• Respond to cybersecurity incidents and breaches by implementing incident response procedures and coordinating with relevant stakeholders.
• Perform ICT outsourcing security assessment to mitigate cyber and technology risks and recommend appropriate remediation actions whenever appropriate.
• Conduct security awareness training and education programs for employees to promote cybersecurity awareness and best practices.
• Prepare management information, key risk indicators and reports related to cybersecurity activities to facilitate management decision making.

Requirements

• 5+ year proven experience as a cybersecurity specialist or similar role.
• Bachelor's degree or above in cybersecurity, information and communication technology related fields.
• Industry recognized qualifications such as CISM, CISSP, CEH, CCSP and CCSK are desirable.
• Experience of formal cybersecurity resilience assessment, associated methodology, processes and good practices.
• Experience with security techniques and tools such as firewalls, intrusion detection systems, anti-malware software, SIEM solution and vulnerability scanners.
• Proficiency in cybersecurity architecture, frameworks and standards, with a strong understanding of security principles, technologies and best practices of cyber safeguard and defence.
• Good knowledge of cyber threat monitoring, analysis and prevention, and relevant techniques and tools to respond and protect against cybersecurity incidents and breaches.
• Good technical knowledge and understanding of the cybersecurity impacts for adopting new and existing technologies.
• Good interpersonal skills to be able to communicate, influence and negotiate with various stakeholders.
• Ability to self-start and take ownership of assigned tasks and projects.
• Proficiency in written and spoken English and Chinese.

We offer competitive package to the right candidate. Interested party please apply on or before 31 May 2025 in confidence with resume in Word document, stating present and expected salary, and available date and quote the reference by email to: [via CTgoodjobs Apply Now] (Please mark the ref. no. on the email header).

Applicants are encouraged to submit their applications as soon as possible. The review of applications will continue until post is filled.