Senior Director, Technology Security and IT Risk (CISO)

Job Title: Senior Director, Technology Security and IT Risk (CISO)
Contract Type: Permanent
Location: Hong Kong
Industry: Technology
Reference: 53162_1678524963
Contact Name: Karen Cheng
Contact Email:

Job Description

About the Role

Reporting to the CIO, you will establish and execute strategic, comprehensive enterprise information security program directives and plans, including any and all district-wide information security training efforts to ensure that the confidentiality, integrity, and availability of information is owned, controlled or processed in a manner compliant with company policy and relevant regulatory authorities. Develop and maintain information security policies, standards, guidelines and oversee the dissemination of security policies and practices; identify knowledge gaps to increase district awareness of relevant information security practices. Provide leadership and guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans. Monitor external threat environment for emerging threats and advise relevant stakeholders on appropriate courses of action. Lastly, liaise with relevant business units (such as Internal Audit, Law, Finance, Safety & Security, Risk Management, HR teams), and external agencies as needed to ensure that the company maintains a strong security posture.

The Successful Applicant

  • Minimum of seven 10 years' experience in information technology field, with five to seven years of experience in an information security role.
  • Proven track record and experience in developing information security programs, policies and procedures, including successful implementations in medium to large enterprise environments.
  • Proven experience in Information Security, IT Risk Management, digital trust, IT regulatory, data protection, and business continuity management.
  • Having certifications as ISO 27005, ISO 22301, ISO 27001, CISSP, CISM, ITIL
  • Experience in designing and managing new and existing security systems.
  • Ability to advise infrastructure and applications staff in securing their respective environments.
  • Strong ability to convey security information to non-technical end-users in a way that inspires adoption and adherence to all IT and Board security policies and programs.
  • Exhibit strong written and verbal communication skills, interpersonal and collaborative skills.
  • Good command in English and Chinese

Click "Apply Now" to apply for this position or call Karen Cheng at +852 3180 4921 for a confidential discussion. All information collected will be kept in strict confidence and will be used for recruitment purpose only.