Head of Information Security
Quarry Bay, Hong Kong
Source: Dairy Farm

The Job

  • Establish and maintain a comprehensive cyber security program based on best practice and aligned with business needs
  • Define and recommend information security policies for approval by management
  • Build and manage information security awareness material and campaigns which will be disseminated to users and stores across the organization
  • Author, procure, and publish technical security standards for infrastructure and software, and manage programs of development and compliance monitoring
  • Lead and manage the regular PCI-DSS ASV scan and annual external penetration test across the group
  • Lead the PCI-DSS compliance activities by monitoring performance and readiness at Business Unit level and supporting teams with advice
  • Report the compliance status and issues to the management and major stakeholders

  • Work with local and overseas IT partners to research and identify tools to deploy, improve security compliance, and reduce risk for the organization
  • Lead the investigation of major security incidents, working with internal and external parties to identify the root cause and implement mitigation measures
  • Update the management and major stakeholders on the latest information security trends, threats, and solutions
  • Lead information security assessments of new businesses and implement programs and activities to ensure the Group standard is met

The Person

  • Bachelor's degree in Computer Science or a related subject
  • Minimum 10 years of IT experience, including at least 5 years in security management and IT governance, preferably in a regional and shared services environment
  • Technical experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Current CISA, CISM, CISSP, or other security-related qualifications are preferred
  • Practical experience and working knowledge of information security frameworks, audit principles, security administration processes, and metrics collection and reporting
  • Deep knowledge of information security best practice and a solid understanding of technologies including firewalls, VPNs, penetration testing, data loss prevention, disaster recovery, and other security solutions
  • Proven experience in formulating and executing IT governance and compliance initiatives
  • Excellent communication and interpersonal skills with the ability to effectively interact with a diverse group of IT staff located in multiple locations
  • Excellent verbal and written presentation skills in English