Security Risk Manager- Global Insurance Firm- up to HKD$70k
Our client is one of the first-tier global insurance firm in Hong Kong with a strong and outstanding performance in different countries. They have been aggressively expanding the business across the world in past years. Currently, they are hiring for Senior Consultant (Senior/Manager) to join their team. The right candidate will participate in key projects and initiatives ensuring information risk is always considered and managed. The right candidate has to play an active role in vendor and contract risk assessments, assist business partners in completing risk and control assessments, and help coordinate internal audits including third-party audits. You will also promote information risk management awareness and education throughout the organization empowering risk-informed decision making at all levels. You will be a critical resource in the overall protection of the organization's critical information assets. Candidates who are open to new challenges will be suitable for the role.
- Perform divisional information security and technology risk program activities in Asia include implementing controls, protecting information and completing vendor risk assessments.
- Deliver information security, system recovery and regulatory compliance consulting services to business and IT partners empowering them to manage their information risks.
- Provide the information risk management perspective to project teams using risk identification, information criticality and risk assessments. Assist business areas in designing and implementing controls.
- Oversee ongoing divisional security processes for incident/crisis management, access management, vulnerability and patch management, and even some processes tied to business continuity and disaster recovery.
- Coordinate IT audits conducted by Audit Services, regulators, clients and third party auditors. Assist crafting responses and remediation plans. Ensure evidence is collected and shared in a timely fashion and all outstanding issues are closed as committed. Supervise third-party IT audit engagements as required.
- Partner with business units and technical teams to implement information risk management processes and supporting procedures.
- Be part of an active team who remains current on emerging risks and technologies, key developments and strategies for the businesses we support.
- Stay informed on emerging technologies, key business drivers, evolving threats and opportunities.
- Five years or more of progressive information risk management experience in one or more disciplines: project/vendor risk assessment, network security, infrastructure/platform security, data/application security, vulnerability/patch management, IT auditing, IT risk and control assessments, and business continuity/disaster recovery planning.
- Professional certification or designation in information security, IT auditing, business continuity and/or disaster recovery a plus, but not a requirement.
- University Degree (Computer Science, Business or Finance preferred, but not required).
- Excellent communication skills (oral and written) including presentation skills with demonstrated ability to present at all organizational levels.
- Ability to work independently and as part of a team, managing multiple priorities within tight deadlines.
- Innovative problem-solving skills with proven ability to exercise flexibility and judgement.
- Ability to learn, know and act upon what is important to Manulife and the specific business units you support.
- Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors.
- Strong interpersonal skills, including demonstrated ability to be sensitive and professional when communicating across geographical and cultural boundaries.
The right candidate will be offered an excellent remuneration package and please click APPLY NOW or call us on +852 3103 4331 if you are interested.