POSITION SUMMARY:
The Manager, Security Engineering reports directly to Senior Manager – Security Engineering. This position is a critical role in IS&T in safeguarding GEG’s critical assets across both on-premises and cloud environments. The responsibilities of this role will span across technical solution design, implementation of cybersecurity initiatives, collaboration with Risk Management department, and ensuring the robustness of existing security systems.

In addition to tactical execution, this role encompasses assisting in strategic planning, Risk Management and fostering a security-conscious culture.


PRIMARY RESPONSIBILITIES:

• Develop and implement security measures and solutions to safeguard IS&T systems aligning with IS&T standard and the requirement from Risk Management
• Collaborate with cross-functional teams to integrate security into IS&T systems
• Manage the implementation of security projects, from concept to deployment
• Work closely with Risk Management teams to assess and mitigate security risks
• Maintain and enhance existing security infrastructure
• Research and identify potential security solutions based on the latest security trends, technologies and products
• Conduct vulnerability scanning, penetration testing and other security tests to identify potential cyber security risks for IS&T systems and provide structured information to Risk Management for their further investigation or assessment report
• Manage OPEX related to security operations, tools, and personnel
• Assess security vendors based on their capabilities, reputation, and alignment with our security goals
• Maintain strong vendor relationships, monitor service levels, and address any issues promptly
• Coordinate security-related changes across teams, minimizing disruptions. Communicate changes effectively to stakeholders
• Collaborate with Risk Management team to handle incident response efforts when security incidents occur


REQUIREMENTS:

• Bachelor's degree in computer science, information technology, computer engineering, cyber security, or a related study, or equivalent experience
• 5+ years of working experience in IT operations with a deep understanding of infrastructure management, system/network administration, operational and cyber security best practices
• Expertise across a variety of security products including firewalls, intrusion detection/prevention systems, encryption technologies, endpoint security, cloud security and other security tools.
• Continuous learning mindset to stay abreast of the ever-evolving security landscape and emerging technologies
• Experience in managing projects with both external and internal resources
• Excellent written and verbal communication skills with an exceptional ability to communicate in English. The ability to communicate in Cantonese and/or Mandarin will be an advantage
• Exceptional planning and organizational skills
• Exceptional interpersonal skills, including teamwork, facilitation and negotiation
• Exceptional leadership skills
• Exceptional ability to translate business needs into technical requirements
• Exceptional problem-solving skills
• Professional certifications in cyber security would be an asset