Apply now »

Manager, Information Security

Date:  29-Jul-2022
Job Req ID:  2286
Company:  John Swire & Sons (H.K.) Limited
Location: 

HKSAR, HK

A picture containing text, clipart

Description automatically generated

John Swire & Sons (H.K.) Limited

 

A highly diversified, global corporation, the Swire group's businesses encompass property, aviation, beverages and food chain, as well as marine and trading and industrial activities. Its core businesses are mainly focused on Asia, with its key operations in Hong Kong and the Chinese mainland. The Swire group's businesses in Asia are held by the listed company, Swire Pacific Limited.

 

John Swire & Sons (H.K.) Limited is the holding company of the publicly-listed conglomerate, Swire Pacific Limited.  Our IT & Digital Department is now inviting candidates to apply for the following positions:

 

Manager, Information Security

The role would define strategic roadmap, policies and procedures to achieve optimal level of IT risk management and security. The job holder would also maintain IT Risk Registry, and work closely with the cybersecurity team for alignment and synergy.

 

Responsibilities: 

 

  • Conduct regular risk and security maturity assessment and maintain IT risk registry, review and formulate regular work plan to mitigate risk
  • Develop security operation model and team structure, and evaluate appropriate solutions for integration
  • Work closely with operations team to deliver IT risk reduction, security projects and maintain security / audit compliance. Manage day-to-day operations on security incidents, vulnerabilities reduction  and exemptions.
  • Recommend security requirements for IT & Business project implementation, and mediations based on compliance results
  • Manage and provide technical advice on project implementation, e.g., security management, system software obsolescence, disaster recovery, business continuity planning etc. 
  • Review IT risk and security operations regularly, and manage outsourced SOC and any security outbreak
  • Provide security awareness training and work on IT risk & security related user communications 

 

Requirements:

  • Bachelor’s degree in Computer Science, Information Technology or related discipline
  • At least 8 years of experience in IT infrastructure projects and operations
  • Obtained professional qualification such as CISSP, CISA, CISM or CEH would be desirable
  • Solid technical knowledge and experience in IT risk management and security solutions planning, evaluation and rollout
  • Hands-on experience in security monitoring and operation e.g. Vulnerability Scanning, DLP/EDR, NGFW, IDS/IPS, CASB, WAF, Privileged Access Management, SIEM, SOC/SOAR, Active Directory Security
  • Understanding of NIST CSF, SANS, CIS, ISO27001 or related security frameworks
  • Hands-on experience in Cloud Security, such as Azure Security, AWS Security, Microsoft 365 Security would be strongly considered
  • Excellent communication skills in both written and spoken English and Chinese. Fluent Putonghua is desirable

 

Application:

At Swire, we are committed to creating an inclusive and supportive working environment for all our people regardless of their age, gender, gender identity, sexual orientation, relationship, family status, disability, race, ethnicity, nationality, religious or political beliefs. We believe in creating an environment where people feel comfortable at work and are able to realise their full potential.

 

We offer a competitive package to the right candidate. If you meet the qualifications and are interested in this position, you can send your application by clicking "Apply Now". We will contact all shortlisted candidates.

 

The Swire group is an equal opportunity employer. All applications received will be used exclusively for selection purposes and handled confidentially by authorised personnel only. Your application may also be considered for other suitable positions within the Swire group (please indicate clearly on your application if you would not like to be considered for other positions within the group.) Following data privacy ordinance, all unsuccessful applications will be destroyed after an appropriate time.

Apply now »