• 5 day work
• At least 3 years in IT security, IT audit or risk management
• CISSP, CISA will be preferred

Key Responsibilities:

• Formulate IT policies and ensure compliance with international frameworks (ISO 27001, SOC2) and HK financial regulations
• Monitor critical IT controls and ITSM processes within cloud-native environments, optimizing incident management and disaster recovery.
• Facilitate internal/external regulatory audits and oversee third-party outsourcing provider performance and SLAs.
• Maintain GRC systems and explore AI agent capabilities to streamline and automate governance workflows

Requirement: 

• Bachelor’s degree in computer science, Information Technology, or a related discipline; professional credentials such as CISSP or CISA are highly preferred.
• At least 3 years of cyber, technology risk management, IT compliance, IT audit related experience; experience in cloud-native environments is a plus.
• Be familiar with the global industry security standards and frameworks, such as SOC, NIST, ISO27001, etc.;
• Fluent in English, Cantonese, and Mandarin (spoken and written)