Our client, a leading insurance firm in the region, is looking for highly skilled and experienced Lead Information Security Risk Specialist to join their team in Hong Kong. As a Lead Information Security Risk Specialist, you will lead be part of a team of dedicated professionals that will work closely with stakeholders across the organization to ensure that the internal information security practices align with industry standards and regulatory requirements. This role presents a unique opportunity to contribute to the strategic direction of our security initiatives and play a pivotal role in enhancing our overall risk posture.
Responsibilities
Lead and oversee the development and implementation of information security risk management strategies, policies, and procedures.
Conduct regular risk assessments and audits to identify vulnerabilities and assess the effectiveness of existing controls.
Collaborate with internal teams to prioritize security initiatives and allocate resources effectively.
Stay abreast of emerging threats and vulnerabilities, and proactively address potential risks to our systems and data.
Provide guidance and support to project teams to ensure that security considerations are integrated throughout the software development lifecycle.
Serve as a subject matter expert on security-related matters, providing advice and recommendations to senior management and key stakeholders.
Foster a culture of security awareness and accountability across the organization through training, awareness programs, and regular communication.
Establish and maintain strong relationships with external partners, vendors, and regulatory bodies to stay informed of industry trends and best practices
Requirements
Bachelor's degree in Computer Science, Information Security, or related field. Advanced degree or relevant certifications (e.g., CISSP, CISM, CISA) preferred.
Minimum of 10 years of experience in information security, with a focus on risk management, authentication, and project management.
Deep understanding of security frameworks, standards, and regulations, including ISO 27001, NIST, GDPR and HKIA
Proven track record of leading complex security projects and driving initiatives to completion.
Strong analytical and problem-solving skills, with the ability to assess and mitigate security risks effectively.
Experience with authentication technologies such as multi-factor authentication (MFA), single sign-on (SSO), and identity and access management (IAM) systems.
Excellent communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels of the organization.
Strong project management skills, with the ability to manage multiple projects simultaneously and deliver results on time and within budget.
Prior experience in the insurance sector or financial services industry is a plus.
Fluency in English and Cantonese is required.
If you are a proactive and results-driven individual looking to make a significant impact in the field of information security, we encourage you to apply for this position.
