Head of Information Security
Our client is a leading insurance firm.
Responsibilities:
- Information Security Strategic Leadership - Develop and implement an enterprise-wide information security strategy aligned with business goals. Establish security policies, standards, and procedures to mitigate risks effectively and ensure compliance with industry standards and regulatory requirements using a fit-for-purpose approach.
- Cyber Security Delivery - Manage security projects from inception to delivery, ensuring they meet business requirements and compliance standards. Oversee the implementation of robust cyber security measures and incident response plans.
- Team Management - Build, mentor, and lead a high-performing information security team, promoting a culture of security awareness across the organization.
- Stakeholder Engagement - Collaborate with other departments to ensure a cohesive approach to security across the organization. Serve as the primary liaison for security-related issues with external partners, vendors, and regulatory bodies.
- Compliance and Governance - Ensure compliance with legal, regulatory (insurance authority and Bermuda), and contractual obligations related to information security. Maintain and update security governance frameworks, such as ISO 27001 or NIST. Take on this role within relevant regulatory frameworks, and in this capacity, lead the design, implementation, and communication of information security measures to ensure compliance with regulatory requirements.
- Key Project Contributor - Contribute to both Business As Usual (BAU) and strategic project initiatives to develop practical and cost-effective security solutions that align with business requirements.
- Risk Management - Conduct regular risk assessments to identify vulnerabilities and threats. Prioritize risks and develop appropriate remediation strategies.
- Security Operations - Oversee daily security operations, including monitoring security systems and responding to incidents. Conduct regular security audits and vulnerability assessments.
- Incident Response - Lead the incident response team in detecting, responding to, and recovering from security breaches. Develop and conduct post-incident reviews to improve security measures.
- Training and Awareness - Implement training programs to educate employees about information security best practices. Foster a culture of security awareness throughout the organization.
Requirements:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master’s degree or relevant certifications (e.g., CISSP, CISM, CISA) are preferred.
- Strong understanding of cybersecurity frameworks and standards, e.g. NIST, ISO 27001
- Minimum of 12 years of experience in information security, with a focus on leadership roles & cyber security delivery and program management
- Strong project management skills with the ability to prioritize tasks, manage timelines, coordinate multiple projects simultaneously, and manage budgets effectively.
- In-depth knowledge of security protocols, encryption technologies, firewalls, and intrusion detection/prevention systems, threat landscape, and industry good practices
- Proven track record in a cyber security environment within professional services or an in-house information security function, preferably in Insurance or Banking Services
- Experience dealing with the insurance authority and/or monetary authority of Hong Kong
- Experience with the cybersecurity requirements of mainland China
- Strong analytical, problem-solving, and communication skills, with the ability to collaborate effectively with individuals at all levels, both internal and external, whether they are in IT or non-IT roles.
- Strong self-drive and ownership; a can-do mindset and comfort with stepping out of one's comfort zone to lead teams to solve problems.
- Strong analytical skills and ability to think strategically, interpret data and generate actionable insights, identify opportunities, and develop innovative digital solutions.
- Proficiency in both written and spoken English, Cantonese and Putonghua
Interested parties, please send your CV in MS Word format, indicating your present and expected salary, to Mr. Lee via email at alee@wwhcc.com. Thanks!