Senior Manager – Information Security Management – Leading Global Insurance & Asset Management Company

  • Excellent for the right candidate
  • Hong Kong
  • Permanent, Full time
  • Cornerstone Global Partners
  • 22 May 2018

My client, a leading global Insurance & Asset Management company, is looking to recruit a senior Information Security or Cyber Security specialist to join its team in Hong Kong.

The Senior Information Security Manager will be responsible for Information Security Management in the First Line of Defence and will execute practices and controls on Information Security Management and Technology Risk Management. The role is the point of contact for information risk management services, providing advice and guidance on Information Risk and Security, Technology Risk and regulatory requirements for information services and the business. The incumbent will perform application security scanning and secure application coding reviews, and will develop the secure application coding guidelines and application security scanning process in compliance with company and regional standards. The scope of the work will include developing secure coding guidelines and recommending penetration test policy and source code review guidelines.

The jobholder will follow up and address the root cause of any system vulnerabilities or security incidents, perform and validate Information Risk Assessments, participate in due diligence on vendor selection processes, and report on risk, performance, posture and exposures. The Senior Information Security Manager will coordinate security activities, including but not limited to security scanning, penetration testing, and information risk awareness and readiness; support the implementation of Information Risk Management program objectives; collaborate with IT infrastructure services on project delivery assurance and incident management; and work with Information Risk Management to establish communication, response and handling in the event of information risks and incidents.

The successful candidate will be a degree holder with at least 8 years’ experience in Information Risk and Security Management, including at least 5 years’ experience performing application security assessments. Holders of professional certificates including CISSP, CISA, CISM, CMCP and PMP are preferred. Applicants will need experience performing penetration tests, vulnerability assessments and infrastructure security reviews for web applications and their supporting network infrastructure, experience performing secure coding reviews, and hands-on experience of HP Fortify and WebInspect. Candidates will also have experience developing, architecting and implementing IT security solutions, digital security methodologies and deployments, secure application coding and application security scanning. The ideal candidate will be self-motivated, able to work independently with minimal supervision, and have excellent interpersonal and communication skills.

If you have the relevant background and experience, please send an up-to-date copy of your CV to Successful candidates will be contacted for further discussion. If you are not contacted, your details may be retained for discussion about future opportunities.