Director/Senior Manager, Information Security Management, ETS
Manulife
Hong Kong, HK
2天前

The Opportunity

The ETS Asia Control Integrity team is the security and compliance team under the ETS Asia Umbrella. The team performs security assessments for new technologies and new projects, in addition to performing an assurance function to ensure ETS comply with company and regulatory security requirements.

The incumbent will be an individual contributor reporting to Director of the team.

Join this dynamic team as the person accountable to design, implement and monitor security controls for the cloud-based infrastructure, platform and services.

What motivates you?

You obsess about customers, listen, engage and act for their benefit

You think big, with curiosity to discover ways to use your agile mindset and enable business outcomes

You thrive in teams, and enjoy getting things done together

You take ownership and build solutions, focusing on what matters

You do what is right, work with integrity and speak up

You share your humanity, helping us build a diverse and inclusive work environment for everyone

We are looking for someone with :

Degree holder of computer science or engineering.

Possess Information security (CISSP, CISM, SANS) and auditing (CISA) designations.

At least 5 years working experience focusing on security architectural design in the DevOps environment.

At least 5 years of working experience in the information security areas including network security, AAA, RBAC, encryption, security scanning, hardening, privilege ID management etc.

Able to work on flexible hours including having meetings with North America in the evenings occasionally.

Strong experience on automation for security control enforcement and monitoring

Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized. Results oriented; ability to balance multiple priorities and projects.

Knowledge of control frameworks, risk management practices and regulatory requirements.

Well-developed impact and influence skills.

Excellent customer focus and commitment to quality.

Knowledge and understanding of the financial industry.

Nice to Haves :

Experience with defining security guardrails in DevOps CI / CD pipelines.

Experience with microcontainer architecture and docker containers based applications.

Experience with container management tools such as Kubernetes

Experience in security scanning tools and security controls in microservices env.

Track record of building strong relationships across technology functions.

On the job you will :

Project and Technology Information Risk Management

Perform ETS project and technology information risk assessments including assessing risks and define controls as well as tracking the implementation of controls.

Assessment focus for the incumbent is the cloud-based infrastructure, platform and services

Design, document and / or implement BAU security controls applicable to the cloud-based infrastructure, platform and services

Evaluate products for implementing security controls in the cloud or on-premises spaces.

Develop Infrastructure-as-code to automatically and continuously enforce security controls.

Assurance Review

Establish security compliance monitoring mechanism to periodically and automatically measure security control operation effectiveness.

Provide security metrics for overall security posture reporting.

Our commitment to you

Our mission; to be a part of making Decisions Easier and Lives Better

A leadership team dedicated to your growth and success

A bold ambition and set of goals to be a leader in driving transformation in our industry

Our best. Every day.

报告这项工作
checkmark

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

申請
郵箱地址
通過點擊“持續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。
持續
申請表