POSITION SUMMARY:
The Senior Manager, Security Engineering reports directly to the AVP – System and Cloud Engineering. This position is a critical role in IS&T in safeguarding GEG’s critical assets across both on-premises and cloud environments. The responsibilities of this role will span across technical solution design, implementation of cybersecurity initiatives, collaboration with risk management department, and ensuring the robustness of existing security systems.

In addition to tactical execution, this role encompasses assisting in strategic planning, risk management and fostering a security-conscious culture.


PRIMARY RESPONSIBILITIES:
'• Lead the design and architecture of security solutions, ensuring they align with business objectives and industry best practices
• Collaborate with cross-functional teams to integrate security into IS&T systems
• Collaborate with executive leadership to prioritize security investments
• Lead the design and architecture of security solutions, ensuring scalability and resilience
• Oversee the implementation of security projects, from concept to deployment
• Work closely with risk management teams to assess and mitigate security risks
• Maintain and enhance existing security infrastructure
• Advocate for security awareness at all levels
• Promote adherence to industry standards and frameworks
• Manage OPEX related to security operations, tools, and personnel
• Assess security vendors based on their capabilities, reputation, and alignment with our security goals
• Maintain strong vendor relationships, monitor service levels, and address any issues promptly
• Coordinate security-related changes across teams, minimizing disruptions. Communicate changes effectively to stakeholders
• Lead incident response efforts when security incidents occur


REQUIREMENTS:
• Bachelor's degree in computer science, information technology, computer engineering, cyber security, or a related study, or equivalent experience
• 10+ years of working experience in IT operations with a deep understanding of infrastructure management, system/network administration, operational and cyber security best practices
• Expertise across a variety of security products including firewalls, intrusion detection/prevention systems, encryption technologies, endpoint security, cloud security and other security tools.
• Continuous learning mindset to stay abreast of the ever-evolving security landscape and emerging technologies
• Experience in managing projects with both external and internal resources
• Excellent written and verbal communication skills with an exceptional ability to communicate in English. The ability to communicate in Cantonese and/or Mandarin will be an advantage
• Exceptional planning and organizational skills
• Exceptional interpersonal skills, including teamwork, facilitation and negotiation
• Exceptional leadership skills
• Exceptional ability to translate business needs into technical requirements
• Exceptional problem-solving skills
• Professional certifications in cyber security would be an asset