Lead, Information Security Assurance
Hong Kong

Lead, Information Security Assurance

Artia13 10 Views

Emploi Hong Kong

Titre du poste : Lead, Information Security Assurance

Entreprise : AXA Hong Kong and Macau

Description du poste : About AXA Hong Kong and MacauAXA Hong Kong and Macau is a member of the AXA Group, a leading global insurer with presence in 50 markets and serving 95 million customers worldwide. Our purpose is to act for human progress by protecting what matters.As one of the most diversified insurers in Hong Kong, we offer integrated solutions across Life, Health and General Insurance. We are the largest General Insurance provider and a major Health and Employee Benefits provider. Our aim is to not only be the insurer to provide comprehensive protection to our customers, but also a holistic partner to the individuals, businesses and community we serve. At the core of our service commitment is continuous product & service innovation and customer experience enrichment, which is achieved through actively listening to our customers’ needs and leveraging and investing in technology and digital transformation.We embrace our responsibility to be a driving force against climate change and a force for good to create shared value for our community. We are proud to be the first to address the importance of mental health through different products and services and thought leading iconic research. Our overall Sustainability Strategy, with emphasis on climate strategy and biodiversity commitment, is developed based on TCFD recommendations. We are committed to integrating environmental, social and governance factors across our business and strive to contribute to a sustainable future through 3 distinct roles – as an investor, an insurer and an exemplary company.AXA is an equal opportunity employer. We are committed to promoting Diversity and Inclusion (D&I) by creating a work environment where all employees are treated with dignity, respect, and where individual differences are valued. We welcome and treasure diverse profiles to join our big family, and to build an inclusive culture together which allows everyone to maximise their personal potential.Our people strategies are designed to enhance employee well-being and professional growth, ultimately empowering them to excel within the company. Click here to learn more about our Benefits (https://www.axa.com.hk/en/benefits) , Culture (https://www.axa.com.hk/en/culture-and-values), & Career Development (https://www.axa.com.hk/en/career-development).About AXA Hong Kong and MacauAXA Hong Kong and Macau is a member of the AXA Group, a leading global insurer with presence in 50 markets and serving 95 million customers worldwide. Our purpose is to act for human progress by protecting what matters.As one of the most diversified insurers in Hong Kong, we offer integrated solutions across Life, Health and General Insurance. We are the largest General Insurance provider and a major Health and Employee Benefits provider. Our aim is to not only be the insurer to provide comprehensive protection to our customers, but also a holistic partner to the individuals, businesses and community we serve. At the core of our service commitment is continuous product & service innovation and customer experience enrichment, which is achieved through actively listening to our customers’ needs and leveraging and investing in technology and digital transformation.We embrace our responsibility to be a driving force against climate change and a force for good to create shared value for our community. We are proud to be the first to address the importance of mental health through different products and services and thought leading iconic research. Our overall Sustainability Strategy, with emphasis on climate strategy and biodiversity commitment, is developed based on TCFD recommendations. We are committed to integrating environmental, social and governance factors across our business and strive to contribute to a sustainable future through 3 distinct roles – as an investor, an insurer and an exemplary company.AXA is an equal opportunity employer. We are committed to promoting Diversity and Inclusion (D&I) by creating a work environment where all employees are treated with dignity, respect, and where individual differences are valued. We welcome and treasure diverse profiles to join our big family, and to build an inclusive culture together which allows everyone to maximise their personal potential.Our people strategies are designed to enhance employee well-being and professional growth, ultimately empowering them to excel within the company. Click here to learn more about our Benefits (https://www.axa.com.hk/en/benefits) , Culture (https://www.axa.com.hk/en/culture-and-values), & Career Development (https://www.axa.com.hk/en/career-development).The Manager, Security will work with other security managers in the team. The Security team is responsible for the organization’s security risk, cyber resilience, and operational resilience. The candidate should possess proven experience in information security with a strong technical background and exposure to security governance, assurance, and risk management.The candidate is required to comply with group security standards and regulatory requirements, maintain security policies and process documents, and collaborate with business and project teams to align with corporate security standards and controls, thereby maintaining the organization’s security posture.Sound understanding of international security standards (ISO 27001 / NIST) is essential, along with exposure to public cloud security, privileged account management, SIEM, data leakage prevention, anti-DDoS, WAF, proxy gateways, vulnerability management, and operational resilience.The candidate should possess strong presentation and communication skills. Provide security advice to business and project teams to ensure alignment with corporate security standards and controls, documenting security recommendations and mitigation options in clear, business-intelligible language. Ensuring security compliance with legal and regulatory requirements is also crucial. Experience working in a multi-national organization would be beneficial but not a requirement.Responsibilities:

  • Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
  • Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
  • Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
  • Conduct security assessment and ISO audit and managing the exercise from end-to-end.
  • Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
  • Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
  • Periodically review and update security policies and operational processes for security control enhancement.
  • Prepare management reports for the Chief Security Officer and the Management team.

Qualifications:

  • 5+ years of experience in information security, security risk, or a related area.
  • Degree in Information Security, Computer Science, Information Management Systems, or a related field.
  • Demonstrated track record in leading and implementing successful information security initiatives and programs.
  • Ability to apply analytical rigor to understand complex business scenarios, with strong problem-solving skills and the ability to work independently.
  • Excellent presentation and communication skills, with the ability to convey complex security concepts in clear, business-intelligible language.
  • Experience working in a multinational organization is advantageous.
  • Fluent in English (verbal and written).
  • Relevant certifications (e.g., CISSP, CISA, OSCP, CEH, ISO 27001, NIST, or equivalent) are a plus.

This position offers an exciting opportunity to Security function and contribute to the overall security posture of the organization. We encourage qualified candidates who are passionate about security to apply.

Salaire attendu :

Localisation : Hong Kong

Date du poste : Thu, 15 May 2025 07:29:16 GMT

Postulez dès maintenant !

Artia13

Depuis 1998, je poursuis une introspection constante qui m’a conduit à analyser les mécanismes de l’information, de la manipulation et du pouvoir symbolique. Mon engagement est clair : défendre la vérité, outiller les citoyens, et sécuriser les espaces numériques. Spécialiste en analyse des médias, en enquêtes sensibles et en cybersécurité, je mets mes compétences au service de projets éducatifs et sociaux, via l’association Artia13. On me décrit comme quelqu’un de méthodique, engagé, intuitif et lucide. Je crois profondément qu’une société informée est une société plus libre.

Artia13 has 14401 posts and counting. See all posts by Artia13

Vous Aimerez Peut-être Aussi

Lead, Information Security Assurance

Assistant / Administration Manager

Artia13
Lead, Information Security Assurance

PR/Public Affairs/Community Relations Account Executive/ Senior AE

Artia13
Lead, Information Security Assurance

Assistant Supply Chain Manager

Artia13