
Assistant Director Information Security

  • Location:

    Hong Kong

  • Sector:

    Risk & Compliance

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Contact:

    Abbie Ng

  • Contact email:

    Abbie.Ng@ojassociates.com

  • Job ref:

    JOB-122020-132594_1609751972

  • Published:

    22 days ago

  • Expiry date:

    2021-02-03

My client is seeking an experienced information security professional from a financial services background. Must have risk committee experience and strong risk framework implementation experience.

Duties:

  • Individual contributor role based in Hong Kong
  • Develop, manage and execute information security (including cyber) assurance reviews
  • Produce Business Unit and Group level reports on the status of implemented information security controls and Policy, including coordinating the annual Turnbull Policy attestation exercise.
  • Be responsible for the submission and fulfilment of Audit RFIs that are addressed to the Group information security and privacy team.
  • Coordinate audit readiness exercises when required to ascertain the control posture prior to major audits.
  • Use the output and knowledge gained from assurance reviews to craft the development of Group policy, technical standards and procedures
  • Build a process and tool to track exceptions to Standards and Policy.
  • Periodic review, continuous improvement, and compliance management of Policy and standards.
  • Coordinate the structure and management of Standards across all security disciplines.
  • Third party security management and oversight (assessment process, template and performing assessment on regionally engaged 3rd parties)
  • Continuous improvement and development of the tool and process used to handle audit RFIs submission and fulfilment.
  • Prepare presentation decks and write analysis papers for submission to various senior governance forums within the Risk and Digital departments.

Requirements:

  • Experience of implementing information security (including cyber) policy and systems, including supporting procedures and technical standards.
  • Experience and understanding of information security (including cyber) standards and implementation, including:
      • International security control standards (e.g. ISO, ISF, NIST)
      • Security architecture, infrastructure and technologies, e.g. network security, web services, operating systems, etc.
      • Information security (including cyber) audits and reviews
      • Technical and procedural risk analysis
      • Information security (including cyber) policy development and compliance monitoring
  • Ability to handle information security (including cyber) projects related to all areas of Prudential business
  • Strong analytical skills and good written and communication skills
  • Pro-active, with the ability and confidence to drive forward discussions, co-ordinate activities, make judgements and take decisions
  • Ability to work under stress and cope with results-oriented demands
  • Ability to connect with people at all levels and build strong working relationships
  • Ability to deal appropriately with information which may be highly sensitive
  • Appropriate graduate and/or professional qualifications, e.g. CISM, CISA, CISSP (or equivalent industry experience)
  • Technically proficient, able to translate information security topics, initiatives and programs into something that is digestible for parties outside the information security community.
  • Display subject matter experience in diverse information security areas (e.g. application security, cloud security, vulnerability management, agile lifecycle management, DevSecOps, etc.)
  • Strong business insight within the insurance / financial services industry and related operational fields.
  • More than 10 years' experience in the information security, privacy and technology risk field, preferably in the financial services industry.
