Description

You will manage security governance, risk mitigation, and compliance frameworks to align with group security strategies.

Responsibilities

• Review, maintain, and enforce security policies, procedures, and guidelines.
• Lead audits and risk assessments to identify gaps and execute remediation plans with stakeholders.
• Conduct third-party and vendor security assessments to ensure requirement compliance.
• Develop risk mitigation strategies, monitor risk treatment, and manage security governance KPIs.
• Lead crisis management planning, including the development of policies and tabletop exercises.
• Provide digital risk advisory on emerging technologies and automate security and compliance processes.

Required Skills

• Minimum 3 years of experience in information/cybersecurity, focusing on IT auditing, governance, and risk management.
• Proven experience in security operations, governance, or projects with regional exposure.
• Strong knowledge of information security frameworks.
• Experience conducting risk assessments, vulnerability assessments, and security audits.
• Working knowledge of threats, vulnerabilities, IT infrastructure, and application security.
• Proficiency in written and oral English and Chinese.
• Expertise in IT Compliance, IT Security, and Cybersecurity.
• Minimal Diploma in IT, information security, or an equivalent field.

Preferred Skills

• Professional security certifications.

Key Skills

Education

Minimal Diploma in IT, information security