POSITION SUMMARY

As a member of the Plan team, the Assistant Manager - Cyber Security is responsible for protecting GEG's information assets. He/she will work under the supervision and guidance from the Manager to provide support to the development, management and implementation of corporate-wide information security controls.

PRIMARY RESPONSIBILITIES

> Manage and deliver information security projects as planned.
> Drive continuous improvements on information security controls.
> Conduct comprehensive security reviews and provide advices on IS&T projects and initiatives.
> Develop and validate baseline security configurations for operating systems, applications, and networking equipment.
> Lead and coordinate internal/external security reviews activities (e.g. Audit, Penetration Test) and follow up on deficiencies identified and ensure remediation steps have been taken.
> Coordinate the security incident management process with different IS&T teams and business users.
> Build and maintain sustainable relationships with IS&T teams to ensure the security controls are properly understood and implemented.
> Coach junior team members and transfer necessary skills to them for further career development.
> Assist in leading the team to deliver the agreed team goals.
> Assist in building and promoting Information Security Awareness Programme.

REQUIREMENTS

Bachelor's degree in computer science, computer engineering, systems analysis, or a related study, or equivalent experience.
4 or more years of experience in not less than one IT discipline including, but not limited to; application support, application development, data analysis, data center, servers and storage, networking, middleware, database management, IT operations, etc.
Excellent written and verbal communication skills with a strong ability to communicate in English. The ability to communicate in Cantonese and/or Mandarin will be an advantage.
Strong planning and organizational skills.
Strong interpersonal skills, including teamwork, facilitation and negotiation.
Good leadership skills.
Strong analytical and technical skills.
Strong ability to translate business needs into technical requirements.
Strong problem solving skills.
Strong customer service skills.
Good knowledge of financial models and budgeting.
Good ability to tactfully and positively manage and maintain business relationships.
Have at least 2 years of experiences in information security management domains.
CISSP or CISM is required; CRISC or CISA certifications is an added advantage.