Information Security Manager

Job Responsibilities

• Assess information security risks of new projects and propose mitigation measures
• Design and implement cyber defense plans aligned with Group policy and HKMA requirements
• Manage daily security operations, including event monitoring, rule design, case follow-up, reporting, account and vulnerability management, penetration testing, and other routine tasks
• Coordinate internal and external audits related to information security
• Conduct regular security health checks and cybersecurity drills

Job Requirements

• Minimum 5 years' experience in banking, IT, or information security, with hands-on use of security tools and rule setting
• Must hold HKMA-recognized security certifications (e.g., CISSP, CISM, CISA, CSX-S/E, CCSP, CRT, CCT Infra/Web App, CCSAS/M)
• Participated in cyberattack drills as red/blue team; hands-on with techniques like SQL injection, Buffer Overflow, XSS, sniffing, AV bypass, Privilege Escalation, CC attacks, Lateral movement, Vulnerability Mining, etc.
• Nice to have experience drafting security policies, procedures, and standards
• Bachelor's degree or above in IT or related fields