107 Cism jobs in Hong Kong

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-052025-6742617

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking

Join to apply for the Insurance - Information Security Manager role at Michael Page

1 day ago Be among the first 25 applicants

Join to apply for the Insurance - Information Security Manager role at Michael Page

About Our Client

The hiring company is a large organization within the insurance industry, known for its strong market presence and commitment to innovation. The company offers a collaborative environment and focuses on delivering high-quality services to its clients in Hong Kong.

• Strategic Impact
• Professional Growth
  
  
  

• Deliver expert guidance on security matters related to solution design, business initiatives, and general security inquiries.
• Create and update documentation for security policies and procedures, ensuring consistency with corporate security frameworks and standards.
• Perform risk evaluations on technology implementations and security controls to uncover vulnerabilities and propose mitigation strategies. Maintain a risk log and communicate potential impacts to relevant stakeholders.
• Lead and manage end-to-end security assessments and ISO compliance audits.
• Assist with external audit and regulatory compliance activities, and formulate action plans to address any identified gaps.
• Supervise the handling of security incidents, supporting frontline teams to ensure prompt identification, response, and resolution.
• Regularly assess and refine security policies and operational workflows to strengthen control measures.
• Compile and present security reports to the Chief Security Officer and senior leadership.
  
  
  

• Minimum of 5 years' experience in cybersecurity, risk management, or a related discipline.
• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a similar field.
• Proven success in driving and executing effective security programs and initiatives.
• Strong analytical skills with the ability to navigate complex business environments and work independently.
• Exceptional communication and presentation abilities, capable of translating technical security concepts into business-friendly language.
• Experience in a global or multinational corporate setting is preferred.
• Proficiency in English, both spoken and written.
• Possession of relevant certifications such as CISSP, CISA, OSCP, CEH, ISO 27001, NIST, or equivalent is advantageous.
  
  
  

• Competitive annual salary in the range of HKD 660,000 to HKD 816,000.
• Opportunity to work in a large organization within the insurance industry with a focus on innovation.
• Collaborative company culture that values professional growth and development.
  
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology and Engineering
• Industries Insurance, Financial Services, and Capital Markets

Referrals increase your chances of interviewing at Michael Page by 2x

Get notified about new Information Security Manager jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 week ago

Kwun Tong District, Hong Kong SAR 2 months ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Kwai Tsing District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Insurance - Information Security Manager role at Michael Page

1 day ago Be among the first 25 applicants

Join to apply for the Insurance - Information Security Manager role at Michael Page

About Our Client
The hiring company is a large organization within the insurance industry, known for its strong market presence and commitment to innovation. The company offers a collaborative environment and focuses on delivering high-quality services to its clients in Hong Kong.

• Strategic Impact
• Professional Growth
  

• Deliver expert guidance on security matters related to solution design, business initiatives, and general security inquiries.
• Create and update documentation for security policies and procedures, ensuring consistency with corporate security frameworks and standards.
• Perform risk evaluations on technology implementations and security controls to uncover vulnerabilities and propose mitigation strategies. Maintain a risk log and communicate potential impacts to relevant stakeholders.
• Lead and manage end-to-end security assessments and ISO compliance audits.
• Assist with external audit and regulatory compliance activities, and formulate action plans to address any identified gaps.
• Supervise the handling of security incidents, supporting frontline teams to ensure prompt identification, response, and resolution.
• Regularly assess and refine security policies and operational workflows to strengthen control measures.
• Compile and present security reports to the Chief Security Officer and senior leadership.
  

• Minimum of 5 years' experience in cybersecurity, risk management, or a related discipline.
• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a similar field.
• Proven success in driving and executing effective security programs and initiatives.
• Strong analytical skills with the ability to navigate complex business environments and work independently.
• Exceptional communication and presentation abilities, capable of translating technical security concepts into business-friendly language.
• Experience in a global or multinational corporate setting is preferred.
• Proficiency in English, both spoken and written.
• Possession of relevant certifications such as CISSP, CISA, OSCP, CEH, ISO 27001, NIST, or equivalent is advantageous.
  

• Competitive annual salary in the range of HKD 660,000 to HKD 816,000.
• Opportunity to work in a large organization within the insurance industry with a focus on innovation.
• Collaborative company culture that values professional growth and development.
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology and Engineering
• Industries Insurance, Financial Services, and Capital Markets

Referrals increase your chances of interviewing at Michael Page by 2x

Get notified about new Information Security Manager jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 week ago

Kwun Tong District, Hong Kong SAR 2 months ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Kwai Tsing District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

• Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
• Interface with technical teams to understand control implementation and translate findings into governance insights.
• Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
• Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
• Support the development of security reporting and risk metrics
• Contribute to the development and refinement of security policies, standards, and procedures.
• Support audit and assessment activities, including evidence collection and coordination with internal teams.
• Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

• Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
• Strong understanding of security controls across infrastructure, application, and cloud domains.
• Proven ability to work with technical teams and translate technical content into business-friendly reporting.
• Experience in preparing client-facing documentation and presentations.
• Excellent written and verbal communication skills in English.
• Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
• Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

• Experience in regulated industries such as finance, healthcare, or insurance.
• Strong stakeholder engagement and coordination skills.
• Detail-oriented with a proactive and structured approach to governance.
• Familiarity with GRC

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

• Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
• Interface with technical teams to understand control implementation and translate findings into governance insights.
• Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
• Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
• Support the development of security reporting and risk metrics
• Contribute to the development and refinement of security policies, standards, and procedures.
• Support audit and assessment activities, including evidence collection and coordination with internal teams.
• Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

• Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
• Strong understanding of security controls across infrastructure, application, and cloud domains.
• Proven ability to work with technical teams and translate technical content into business-friendly reporting.
• Experience in preparing client-facing documentation and presentations.
• Excellent written and verbal communication skills in English.
• Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
• Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

• Experience in regulated industries such as finance, healthcare, or insurance.
• Strong stakeholder engagement and coordination skills.
• Detail-oriented with a proactive and structured approach to governance.
• Familiarity with GRC

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

About Dah Sing Group
The Dah Sing Group is a leading financial services group in Hong Kong offering banking, insurance, financial and other related services through its growing network of over 70 branches in Hong Kong, Macau and Mainland China.
Our currency is caring, teamwork and progressiveness. We accept that everyone is unique and different in talent, but alike in the capacity for growth. Our task is to shape a culture that creates a sense of pride in achieving something beyond just a job, and an environment where you can be your true and authentic self, like at home.



Job Purpose:


Reporting to the Head of Information Security to support delivering information security services and carrying out information security related activities.



Job Description of the position:


• Conduct cyber security testing covering penetration test, Infra and Web Manage security tools
• Manage network security system covering firewall, NAC, IPS, SIEM and etc.
• Act as project manager role on Information security projects.
• Support and Analyze cybersecurity incidents and make recommendations on remedial actions.
• Define and design adequate security controls to maintain secure control environment.
• Provide security advisory service to stakeholders on new initiatives and development projects.
• Implement systems and procedures to enable digital forensics capabilities
• Maintain Cyber Incident Response plan and playbook. Conduct cyber incident response drill in regular basis.



Incumbent Requirements:


• University graduate in Computer Science / Information Technology or equivalent.
• Minimum 6 years of relevant work experience in information security, cybersecurity or technology risk
• Possess one or more professional certificates : OCSP, CISSP, CISM, CCSP, CISA
• Solid experience on penetration test, red/blue team exercise and network security including firewall, NAC, IPS.
• Sound knowledge of regulators' requirement on Cyber Resilience Assessment Framework (CRAF)
• Sound knowledge of vulnerability management and threat intelligence analysis.
• Strong communication in both Chinese and English; Good communication and interpersonal skills.
• Mature, independent and able to deliver quality results under tight schedule.


Please note that only shortlisted candidates will be notified.

Get AI-powered advice on this job and more exclusive features.

The team is currently seeking for technically strong and self-motivated Security professional to join them.

Your role:

• Conduct comprehensive risk and control assessments to identify, evaluate, monitor, and mitigate risks across IT systems, applications, and network operations.
• Conduct red/purple team operation and penetration testing to identify vulnerabilities and assess the effectiveness of security controls.
• Implement remediation plans based on test findings to strengthen the security posture.
• Support security teams in defining, assessing, and managing security operations through appropriate policies, procedures, and control frameworks.
• Proactively evaluate IT control processes and activities to ensure the control environment is effectively designed and functioning.
• Facilitate audit and security control reviews with internal teams and external parties, prioritizing and mitigating risks to acceptable levels.
• Enhance security measures such as threat detection, attack penetration, and mitigation based on current and emerging threats.
• Promote communication and collaboration between internal teams and external parties on risk and cybersecurity matters.

To succeed in this role:

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Software Engineering, or related fields.
• 5+ years of hands-on experience in red/purple team exercises, penetration testing, and DevSecOps.
• Sound knowledge in Information Security, Business Continuity, Project Management, Application Security and industry best practices.
• OR Experience in 24/7 SOC with experience in SIEM, EDR, IDS/IPS, and SOAR solutions will also be considered, but not mandatory
• It will be a plus to hold the following certifications: CISSP, CISA, CISM, OSCP, CEH, CRTP, and CRT
• Excellent presentation and communication skills in English and Chines

For candidates who are interested, please submit your application with your latest CV attached. Please note that only shortlisted profiles will be notified.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services, Technology, Information and Media, and IT Services and IT Consulting

Referrals increase your chances of interviewing at PrimePeak Group by 2x

Get notified about new Security Consultant jobs in Hong Kong, Hong Kong SAR .

Eastern District, Hong Kong SAR 1 week ago

Central & Western District, Hong Kong SAR 4 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

The team is currently seeking for technically strong and self-motivated Security professional to join them.

Your role:

• Conduct comprehensive risk and control assessments to identify, evaluate, monitor, and mitigate risks across IT systems, applications, and network operations.
• Conduct red/purple team operation and penetration testing to identify vulnerabilities and assess the effectiveness of security controls.
• Implement remediation plans based on test findings to strengthen the security posture.
• Support security teams in defining, assessing, and managing security operations through appropriate policies, procedures, and control frameworks.
• Proactively evaluate IT control processes and activities to ensure the control environment is effectively designed and functioning.
• Facilitate audit and security control reviews with internal teams and external parties, prioritizing and mitigating risks to acceptable levels.
• Enhance security measures such as threat detection, attack penetration, and mitigation based on current and emerging threats.
• Promote communication and collaboration between internal teams and external parties on risk and cybersecurity matters.

To succeed in this role:

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Software Engineering, or related fields.
• 5+ years of hands-on experience in red/purple team exercises, penetration testing, and DevSecOps.
• Sound knowledge in Information Security, Business Continuity, Project Management, Application Security and industry best practices.
• OR Experience in 24/7 SOC with experience in SIEM, EDR, IDS/IPS, and SOAR solutions will also be considered, but not mandatory
• It will be a plus to hold the following certifications: CISSP, CISA, CISM, OSCP, CEH, CRTP, and CRT
• Excellent presentation and communication skills in English and Chines

For candidates who are interested, please submit your application with your latest CV attached. Please note that only shortlisted profiles will be notified.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services, Technology, Information and Media, and IT Services and IT Consulting

Referrals increase your chances of interviewing at PrimePeak Group by 2x

Get notified about new Security Consultant jobs in Hong Kong, Hong Kong SAR .

Eastern District, Hong Kong SAR 1 week ago

Central & Western District, Hong Kong SAR 4 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Manager, Information Security Policy & Compliance role at The Hong Kong Jockey Club

4 days ago Be among the first 25 applicants

Join to apply for the Manager, Information Security Policy & Compliance role at The Hong Kong Jockey Club

Job Summary

Reporting to the Senior Manager, ISRA, you will be a key member involved in uplifting the Club’s information security assurance as a second line of defence. You will be developing and maintaining Information Security Policy, Acceptable Use Policy and other policies. You will also be designing and implementing a compliance self-assessment programme for the compliance of the policies. You will also be involved in other information security assurance and technology risk management activities as assigned.

Job Summary

Reporting to the Senior Manager, ISRA, you will be a key member involved in uplifting the Club’s information security assurance as a second line of defence. You will be developing and maintaining Information Security Policy, Acceptable Use Policy and other policies. You will also be designing and implementing a compliance self-assessment programme for the compliance of the policies. You will also be involved in other information security assurance and technology risk management activities as assigned.

The Job

You will:

• Develop and maintain information security policies.
• Perform compliance assessment against information security policies.
• Assist in programme management, and work with external consultants to deliver technology risk and information security projects.
• Conduct information security risk assessments and control assurance testing.
• Assist in delivering information security initiatives and prepare necessary documentation.
• Assist in technology risk management activities.
• Monitor and report on security metrics and trends to monitor the technology and information security risks.
• Promote security awareness within the organization, fostering a culture of risk management.
  
  
  

• University degree in Computer Science, Information Technology, Cybersecurity, Engineering, Risk Management or related fields.
• 5 to 7 years of practical experience in Cyber Security or Technology Risk roles.
• Hands-on experience in enterprise security infrastructure, risk assessments, and security testing.
• Experience with identity and access management systems and principles.
• Familiarity with security frameworks and standards (e.g. ISO27001, NIST).
• Understand second line of defence roles and responsibilities.
• Relevant certifications such as CISSP, CISA or CISM are preferred.
  
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Kwun Tong District, Hong Kong SAR 1 month ago

Kwun Tong District, Hong Kong SAR 4 days ago

Sha Tin District, Hong Kong SAR 1 week ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Sha Tin District, Hong Kong SAR 1 week ago

Sha Tin District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.