Security Architecture (6 month contract)
Manulife Financial Corporation
Hong Kong, HK

Job Description :

Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.

Job Overview :

Manulife has established the Asia IS Risk Management Office which governs the overall IS risk management posture that includes Information Security, IS Privacy, IS Compliance, and IS Audit in Asia.

It also integrates closely with the Global IS Risk Management Office.

The candidate will be hired and physically located in Hong Kong, reporting directly to Director, Information Security Management.

This role will participate in key projects and initiatives ensuring information risk is always considered and managed. He / she will join a vibrant and global information risk management practice and team that works hard to enable and facilitate business while protecting our people and key information assets located in eleven countries.

This multi-discipline team pulls together a number of specialties forging strong ties between :

  • Information Security Management
  • Technology Risk Management
  • Strategic Planning, Services Integration & Information Protection
  • Business Continuity Management
  • As Security Architect, Information Security Management will see the role leading the Information Security Management program for the Asia division.

    ISM takes a broad view of information security by overseeing security controls in business and technology solutions by leveraging global risk assessment processes.

    This role will work to ensure information risk management is included and embedded in key processes. Finally, Security Architect works closely with senior management via their tracking and reporting functions ensuring timely response to questions from management, the Board and regulators.

    Responsibilities :

  • Determines security requirements by evaluating business strategies and requirements; researching information security standards;
  • conducting system security and vulnerability analyses and risk assessments; studying architecture / platform; identifying integration issues;
  • Plans, research and design robust security architectures;
  • Deep technical understanding of and experience with security technologies including, but not limited to, single sign-on, active directory, multi-
  • factor authentication, public key infrastructures, certification authorities, virtualization, privilege account management, web services, cryptographic, key management, intrusion detection / prevention, event correlation, firewall, antivirus, anti-

    spam, policy enforcement, patch / configuration management, application whitelisting, etc.

  • Leads / coordinates integration of new technologies, migration implementations, and major upgrades. Anticipates technical evolutions;
  • designs and builds durable architectures.

  • Reducing information risk exposures by introducing a robust enterprise information risk management framework and supporting infrastructure for proactively identifying, managing, monitoring and reporting on critical information risk exposures.
  • Leverage GRC systems to comment on draft standards, track compliance to in-force standards and policies, monitor risk exceptions and acceptances, report on vendor assessments, follow and confirm compliance to regulations, etc.
  • Provide advisory and recommendation based on the add-value analysis on IT deficiencies from Audit and Risk Acceptance reports
  • Collaborate with other IRM teams and professionals from Asia Technology Office, Business Units, Global Infrastructure Service, Divisional Information Risk Officer, Compliance, Audit Services, and peer Information Security Management leads across Manulife globally.
  • Contribute and shape divisional and global ISM projects and initiatives. Ensure division-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects and services.
  • Provide advisory to business units in Divisions around current and emerging technology risks and their impact to the company’s information risk profile
  • Requirements :

  • University Degree with 10+ years of progressive experience in one or more of the following disciplines : Information Technology / Application / Platform / Network, Information Risk Management, Audits, ITIL / COBIT frameworks, Security Solutions ideally with some of that time spent in a large and complex organization.
  • Practices and methods of IT strategy, enterprise architecture and security architecture
  • Professional certifications or designations in security, IT auditing is a plus, but not a requirement.
  • Security Certifications : CISM, CISSP and / or CISA, but not mandatory
  • Excellent communication skills (oral and written) including presentation skills and demonstrated ability to present at all organizational levels.
  • Innovative problem solving skills with the proven ability to exercise flexibility and judgment.
  • Ability to learn, know and act upon what’s important to Manulife and business units.
  • Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors.
  • Strong interpersonal skills, including demonstrated ability to be sensitive and professional when communicating across geographical and cultural boundaries.
  • Ability to work independently and collaboratively simultaneously, while managing multiple priorities within tight deadlines.
  • Process and results oriented.
  • Proactive, innovative, self-motivated and work independently
  • Proven ability to multi-task, manage and work on tasks concurrently
  • Good interpersonal communication, management and presentation
  • 申請
    通過點擊“繼續”,我允許neuvo同意處理我的數據並向我發送電子郵件提醒,詳見neuvo的 隱私政策 。我可以隨時撤回我的同意或退訂。