Our client: 

A renowned and listed property developer group with investments and regional presence across Asia Pacific.

The role:

Reporting to the Director, IT Security and Governance, Group IT, you will be responsible for IT security governance and policies in this role. Your focus will be to ensure that regulatory requirements and IT security best practices are met, in maintaining a strong risk and governance process. You will be providing recommendations and advisory to the business and IT based on the Company’s Information Security Management System (ISMS) whenever necessary.

Main Responsibilities:

• Maintenance of the Information Security Management System (ISMS) which is based on ISO 27001.

• Advise on and monitor information security risks, control failings and ISMS alignment.

• Manage and update policies, procedures, and controls to assure compliance with applicable regulatory, legal and audit requirements as well as good industry practices.

• Develop a risk management program that identifies and classifies risks, defines appropriate tolerances, prioritizes mitigation activities, and measures risk levels based on Company’s ISMS.

• Develop strong relationships with external audit and key stakeholders to ensure risk management oversight is understood, managed appropriately and current with all standards, guidelines, and applicable regulations.

• Coordinate security user awareness training and phishing simulation tests to promote a security aware culture.

• Develop relevant metrics, analyse data, identify trends and help drive improvements to the IT governance function.

• Act as budget controller in tracking and managing the IT spend. Coordinate the IT budgeting exercise. Drive cost savings through a license standardization and consolidation program.

• Act as manager in charge overseeing and governing the IT operations of the HK Asset Management entity.

Requirements:

• At least a degree in computer science, management information systems or an advanced technology-related degree.

• At least 10 years of working experience in IT with at least 3 years in a governance, risk, and compliance management role.

• Relevant industry certifications such CISSP, CISM, CRISC, CISA, ISO27001 Lead Auditor, etc. are highly desirable.

• Organised, detailed oriented work style with good documentation skills.

• Working experience in developing policies, standards and procedural documentation.

• Skilled at planning, tracking plans, working cross department to review processes and controls, gathering and organizing documentation and test results.

• Ability to effectively communicate and relate to all levels of the organization.

• Ability to manage and prioritize own workload – good planning, organizational, and time management skills.

• Experience with process analysis and improvement, drafting of workflows and procedures.

• Excellent analytical skills and reporting capabilities.

• Strong analytical thinking, written, oral communication and presentation skills.

• Strong command of English. Proficiency in written and spoken Mandarin will be an advantage

If you are a good team player who meets the requirements of the above position, please email a detailed resume in MS Word format with your current photo to:

yh.koh@wisenetasia.com
EA registration number: R1106756

WiseNet Asia Pte Ltd
Licence No. 11C5663

Tel: +65 6337 2231
www.wisenetasia.com

All applications will be treated in strictest confidence.

We regret that only shortlisted candidates will be notified.

WiseNet Asia is a professional Human Resource advisory firm serving the talent needs of our clients.   Established in 2011, we are headquartered in Singapore, with presence in Malaysia, Chongqing, Shanghai and Hong  Kong.  With offices situated in different parts of Asia, our team of headhunters are strategically positioned within the reach of our clients and we can offer quality assistance to international organisations looking to expand their presence in Asia.   We offer services in talent acquisition (Headhunting), talent transition, talent development and HR Outsourcing.