Group Manager, Cybersecurity Architect

John Swire & Sons (H.K.) Limited

A highly-diversified and global corporation, the Swire Group’s businesses encompass property, aviation, beverages and food chain, as well as marine and trading & industrial activities. Its core businesses are mainly focused in Asia, with its key operations in Hong Kong and the Chinese Mainland. Within Asia, Swire's activities come under the Group's publicly quoted arm, Swire Pacific Limited, which is the largest shareholder in two Hong Kong listed companies: Swire Properties and Cathay Pacific Airways.

John Swire & Sons (H.K.) Limited is the holding company of the publicly-listed conglomerate, Swire Pacific Limited. Our Cybersecurity Department is now expanding, and inviting candidates to apply for the following position:

Group Manager, Cybersecurity Architect

As part of our growing team, this new position will be instrumental in defining and enhancing the security posture for Swire Group, encompassing both cloud-based and on-premises infrastructures. This vital role will drive the integration of security best practices into the development lifecycle, and participate in the deployment of advanced security solutions. 

Responsibilities: 

• Build, maintain, and enforce the Group's cloud security architecture, ensuring alignment with industry best practices and regulatory requirements
• Conduct regular security architecture reviews to pinpoint potential gaps and weaknesses, and assess the effectiveness of existing security measures. Recommend appropriate countermeasures, and monitor the improvement plans with operating companies
• Serve as a subject matter expert on cloud security, providing guidance and support to team members and stakeholders on security best practices and risk mitigation techniques
• Develop, maintain, and effectively communicate the cloud security policies, procedures, and guidelines across Swire Group
• Contribute to selection and implementation of emerging security technologies and cutting-edge security solutions, to assure proper protection of our systems and data, and  continuous improvement of security posture
• Communicate security requirements with technical and non-technical stakeholders to ensure their understanding and adherence to security policies and guidelines
• Develop and deliver security awareness training and education programmes from security architecture perspective, to promote a strong security culture 
• Provide technical expertise on incident response activities and post-incident analysis
• Stay current on emerging security trends, threats, and technologies, and share insights with key stakeholders to drive continuous improvement
• Provide regular reports on cloud security performance and risk exposure to senior management

To be successful in this role, you must have:

• A Bachelor’s degree or above, in Computer Science and Technology, Information Systems, Information Security Management or a related field
• A minimum of 10 years’ experience in information security field, with at least 3 years in security architect or equivalent
• Professional certifications such as CISSP, CCSP, CCSK, and Azure/AWS/Alibaba/Google cloud certifications are preferred
• Expertise in cloud security principles, technologies, and best practices, with experience in using AWS, Azure, Alibaba Cloud or Google Cloud Platform
• Sound experience in network security, encryption, IAM, and data protection
• Proven track record in evaluating and adopting security tools and technologies including firewalls, IDS/IPS, SIEM, IAM, EDR/XDR, CSPM, and SASE, etc.
• Strong understanding of cybersecurity frameworks and standard e.g. NIST, ISO, CIS; and DevSecOps principles and CI/CD pipeline and automation tools
• Proficiency in scripting languages e.g. Python, Bash, PowerShell
• Excellent communication skills in both written and spoken English and Chinese. Fluent Putonghua is desirable

Application:
At Swire, we are committed to creating an inclusive and supportive working environment for all our people regardless of their age, gender, gender identity, sexual orientation, relationship, family status, disability, race, ethnicity, nationality, religious or political beliefs. We believe in creating an environment where people feel comfortable at work and are able to realise their full potential.

We offer a competitive package to the right candidate. If you meet the qualifications and are interested in this position, you can send your application by clicking ‘Apply Now’. We will contact all shortlisted candidates.
 

The Swire group is an equal opportunity employer. All applications will be used exclusively for selection purposes and handled confidentially by authorised personnel only. Your application may also be considered for other suitable positions within the Swire group (please indicate clearly on your application if you would not like to be considered for other positions within the group.) Following the data privacy ordinance, all unsuccessful applications will be destroyed after an appropriate time.