Req ID:  2205
Company:  Jebsen and Company Limited
Business Line:  Group Functions
Work City:  Hong Kong
Job Function:  Information Technology

Information Security Manager

Purpose of the Job

The Information Security Manager will be responsible for developing and implementing information security strategies, policies, and procedures to protect our organization from cyber threats and ensure compliance with relevant regulations. He/she will work closely with information security service partners to protect our company from any form of information security or data breach.

Responsibilities

•    Develop and implement information security strategies, policies, and procedures that align with the organization's business objectives and regulatory requirements.
•    Monitor internal and external policy compliance. He/she will ensure both our vendors and employees understand our cybersecurity risk management policies and operate within that framework.
•    Design and implement security controls to protect data and systems from unauthorized access, modification, or destruction.
•    Work with security vendors to conduct regular risk assessments and vulnerability assessments to identify potential threats and vulnerabilities in the organization's systems, networks, and applications.
•    Implement and oversee technological upgrades, improvements and major changes to the information security environment.
•    Oversee information security audits, whether performed by organization or third-party personnel.
•    Serve as a focal point of contact for the information security team and the customer or organization.
•    Communicate information security goals and new programs effectively with other department managers within the organization.
•    Plan and execute security awareness and training programs to promote a culture of security awareness across the organization.
•    Manage security incidents and investigations, including identifying, containing, and resolving security incidents in a timely and effective manner.
•    Collaborate with internal stakeholders to ensure compliance with relevant laws, regulations, and industry standards.
•    Maintain up-to-date knowledge of the latest trends, technologies, and best practices in information security.
•    Leverage Global/Regional best practices and security solutions.
•    Develop and manage security budgets, contracts, and vendor relationships.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, or related field.
  • At least 5 years of experience in information security management.
  • Strong knowledge of security frameworks, standards, and regulations (e.g., ISO 27001, NIST CSF, GDPR, HIPAA).
  • Experience with vulnerability assessment tools, penetration testing tools, and security incident response tools.
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively with internal and external stakeholders.
  • Strong analytical and problem-solving skills.
  • Relevant certifications such as CISSP, CISM, or CISA are preferred.
  • Strong oral, verbal and written communication skills in English, Cantonese & Mandarin.