Apply now »

Security Analyst

Date:  13-Sep-2022
Job Req ID:  2386
Company:  John Swire & Sons (H.K.) Limited


A picture containing text, clipart

Description automatically generated

John Swire & Sons (H.K.) Limited


A highly-diversified and global corporation, the Swire Group’s businesses encompass property, aviation, beverages and food chain, as well as marine and trading & industrial activities. Its core businesses are mainly focused in Asia, with its key operations in Hong Kong and the Chinese Mainland. Within Asia, Swire's activities come under the Group's publicly quoted arm, Swire Pacific Limited, which is the largest shareholder in two Hong Kong listed companies: Swire Properties and Cathay Pacific Airways.


John Swire & Sons (H.K.) Limited is the holding company of the publicly-listed conglomerate, Swire Pacific Ltd. Our IT & Digital team is now inviting candidates to apply for the following position:


Security Analyst
The job holder will partner with cybersecurity and IT & Digital teammates to assist in risk management & security roadmap development in head office, assess and mitigate cybersecurity risk for projects, and develop security standard, policies, and procedures.

He / She will also work with internal stakeholders and vendors to ensure risk management & security operations are in place to protect our IT and data assets.



  • Develop and maintain security governance documentation and practices, and information security framework to ensure alignment with legal and regulatory requirements
  • Identify security risks and drive opportunities to improve head office’s security environment
  • Liaise with information system owners to maintain risk and compliance protocols, and to progress with risk treatment plans
  • Contribute to technology strategies and product selections, and ensure security controls are aligned with head office’s information security policies and standards 
  • Perform regular review on company security practices to ensure compliance with Swire Group policies and latest Industry standards, such as GDPR, PIPL, etc.
  • Establish close relationships with internal and external stakeholders to maintain and improve current security setting, and enhance users’ awareness and knowledge of information security
  • Conduct research on latest technology and select the more suitable solutions for company infrastructure enhancement



  • Bachelor’s degree in Computer Science, Information Technology, or related disciplines
  • CISSP holder; other relevant qualifications e.g. CEH, CISA, CISM, etc. are desirable
  • At least 5 years’ experience in Cybersecurity, with exposure of risk assessment or security compliance
  • Solid knowledge of cyber security standards, e.g. ISMS, NIST Cyber Security Framework and ISO27001
  • Proven track record in performing information technology/security audits, control assurance activities, risk management, information security compliance and governance, is preferred
  • Good knowledge of security technologies for security incidents detection and prevention, such as IDS/IPS, Endpoint Security, Firewalls, Content Inspection and SIEM is a plus
  • Good communication skills in both spoken and written English and Chinese. Putonghua is desirable


At Swire, we are committed to creating an inclusive and supportive working environment for all our people regardless of their age, gender, gender identity, sexual orientation, relationship, family status, disability, race, ethnicity, nationality, religious or political beliefs. We believe in creating an environment where people feel comfortable at work and are able to realise their full potential.


We offer a competitive package to the right candidate. If you meet the qualifications and are interested in this position, you can send your application by clicking "Apply Now". We will contact all shortlisted candidates.


The Swire group is an equal opportunity employer. All applications will be used exclusively for selection purposes and handled confidentially by authorised personnel only. Your application may also be considered for other suitable positions within the Swire group (please indicate clearly on your application if you would not like to be considered for other positions within the group.) Following the data privacy ordinance, all unsuccessful applications will be destroyed after an appropriate time.

Apply now »