Major Responsibilities

Oversee and strengthen the organization’s overall cyber security posture
Design and implement mitigation measures for identified risks or negative trends
Create and manage processes for gathering, analyzing, and distributing cyber threat intelligence
Carry out cyber resilience assessments and contribute to risk metrics reporting
Develop and coordinate the company’s cyber resilience strategy, interpret controls and regulatory requirements, and recommend best practices for implementation
Provide expert guidance on cyber security aspects of IT project architecture
Collaborate with stakeholders to plan and prepare the cyber security budget
Direct and supervise operations of the Security Operations Center (SOC)
Work with auditors on cyber resilience evaluations and intelligence‑led attack simulation testing (iCAST)
Engage with regulators on matters related to cyber security
Handle additional tasks or projects as assigned by supervisors

Requirements

Holds a university qualification in IT, cyber security, computer science, or a related discipline
At least 6 years of professional experience in cyber security, technology risk management, or auditing
Strong grasp of technology risk management and cyber security practices, with broad exposure to FinTech, data privacy, and industry standards
Knowledgeable in ISO27001, CSA STAR, HKMA CFI 2.0, and other relevant frameworks and guidelines
Possession of certifications such as CISA, CISM, CDPSE, CRISC, CISSP, CEH, CCSP, or similar credentials is highly desirable
Collaborative team player with effective interpersonal and communication abilities
Demonstrates advanced analytical and problem‑solving skills
Proficient in both written and spoken English and Chinese

‍