101 Data Compliance jobs in Hong Kong
Data Privacy Compliance Manager
Posted today
Job Viewed
Job Description
Who we are is what we do.
Deel is the all-in-one payroll and HR platform for global teams. Our vision is to unlock global opportunity for every person, team, and business. Built for the way the world works today, Deel combines HRIS, payroll, compliance, benefits, performance, and equipment management into one seamless platform. With AI-powered tools and a fully owned payroll infrastructure, Deel supports every worker type in 150+ countries—helping businesses scale smarter, faster, and more compliantly.
Among the largest globally distributed companies in the world, our team of 6,000 spans more than 100 countries, speaks 74 languages, and brings a connected and dynamic culture that drives continuous learning and innovation for our customers.
Why should you be part of our success story?
As the fastest-growing Software as a Service (SaaS) company in history, Deel is transforming how global talent connects with world-class companies – breaking down borders that have traditionally limited both hiring and career opportunities. We're not just building software; we're creating the infrastructure for the future of work, enabling a more diverse and inclusive global economy. In 2024 alone, we paid $11.2 billion to workers in nearly 100 currencies and provided healthcare and benefits to workers in 109 countries—ensuring people get paid and protected, no matter where they are.
Our momentum is reflected in our achievements and customer satisfaction: CNBC Disruptor 50, Forbes Cloud 100, Deloitte Fast 500, and repeated recognition on Y Combinator's top companies list – all while maintaining a 4.83 average rating from 15,000 reviews across G2, Trustpilot, Captera, Apple and Google.
Your experience at Deel will be a career accelerator. At the forefront of the global work revolution, you'll tackle complex challenges that impact millions of people's working lives. With our momentum—backed by a $2 billion valuation and 1 B in Annual Recurring Revenue (ARR) in just over five years—you'll drive meaningful impact while building expertise that makes you a sought-after leader in the transformation of global work.
Responsibilities
- Collaborate with the Deel Compliance Team to help execute activities for implementation, administration and communication of data privacy and compliance across the company
- Assists with the development and maintenance of the Deel compliance framework across the infrastructure for the collection, storage, use, distribution and disposal of customer and employee data
- Works cross-functionally with stakeholders in products and services, marketing and business development, vendor management and other businesses as applicable to ensure effective processes and compliance
- Applies privacy and regulatory requirements on an operational level, monitors internal controls, audits, overseas assessment and mitigation of current program risks and directs program training and awareness
- Tests and implements Privacy by Design and Default requirements to Deel products.
- Investigates and responds to data privacy inquiries and incidents
Desired skills and competencies
- A keen interest in privacy laws and regulations
- Interest in Privacy by Design and Default; technical knowledge is very advantageous
- University degree
- Excellent verbal and written communication skills
- Ability to multi-task and work in a fast-paced team setting
- Fluency in English
Total Rewards
Our workforce deserves fair and competitive pay that meets them where they are. With scalable benefits, rewards, and perks, our total rewards programs reflect our commitment to inclusivity and access for all.
Some things you'll enjoy
- Stock grant opportunities dependent on your role, employment status and location
- Additional perks and benefits based on your employment status and country
- The flexibility of remote work, including optional WeWork access
At Deel, we're an equal-opportunity employer that values diversity and positively encourage applications from suitably qualified and eligible candidates regardless of race, religion, sex, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, pregnancy or maternity or other applicable legally protected characteristics.
Unless otherwise agreed, we will communicate with job applicants using Deel-specific emails, which include and other acquired company emails like and You can view the most up-to-date job listings at Deel by visitingour careers page.
Deel is an equal-opportunity employer and is committed to cultivating a diverse and inclusive workplace that reflects different abilities, backgrounds, beliefs, experiences, identities and perspectives.
Deel will provide accommodation on request throughout the recruitment, selection and assessment process for applicants with disabilities. If you require accommodation, please inform our Talent Acquisition Team at of the nature of the accommodation that you may require, to ensure your equal participation.
We use Covey as part of our hiring and/or promotional processes. As part of the evaluation process, we provide Covey with job requirements and candidate-submitted applications. Certain features of the platform may qualify it as an Automated Employment Decision Tool (AEDT) under applicable regulations. For positions in New York City, our use of Covey complies with NYC Local Law 144.
We began using Covey Scout for Inbound on March 30, 2025.
For more information about our data protection practices, please visit our Privacy Policy. You can review the independent bias audit report covering our use of Covey here:
Apply for this Job
Associate Director, Data Security and Compliance
Posted today
Job Viewed
Job Description
The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.
We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
Position Responsibilities
Access Management
- Framework Development: Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia's data lakes.
- Policy Integration: Collaborate with global teams to align regional access policies with global standards.
- Access Controls: Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
- User Access Management: Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
- Technology Enablement: Partner with IT and architecture teams to implement tools and technologies that support access governance.
Data Governance
- Governance Oversight: Ensure effective governance of data access, maintaining data integrity, security, and availability.
- Quality Initiatives: Lead efforts to standardize and harmonize data access processes across the region.
- Policy Enforcement: Ensure adherence to data governance policies by all stakeholders.
Regulatory Compliance
- Compliance Monitoring: Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
- Regulatory Liaison: Work closely with legal and compliance teams to meet local and international regulatory requirements.
- Documentation: Maintain clear and comprehensive documentation of access policies and procedures.
Data Risk Management
- Risk Identification & Mitigation: Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
- Risk Execution: Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
- Audit & Compliance: Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
- Incident Response: Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
- Reporting: Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
- Training & Awareness: Develop and deliver training programs to promote a culture of privacy and data security awareness.
Coordination & Collaboration
- Cross-Functional Engagement: Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
- Culture Building: Promote data stewardship and accountability across the organization.
- Solution Design: Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
Required Qualifications
- Bachelor's or Master's degree in Information Technology, Data Science, Business Administration, or a related field.
- 8–10 years of experience in access management, data governance, or risk management.
- Experience in a multinational organization with a focus on Asia.
- Professional certifications such as CIPP, CRISC, or CDMP.
- Strong knowledge of access frameworks, governance policies, and regulatory compliance.
- Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
- Foundational understanding of emerging technologies like Generative AI and OpenAI.
- Demonstrated experience in managing data risks and implementing mitigation strategies.
- Excellent leadership, communication, and stakeholder management skills.
- Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
When You Join Our Team
- We'll empower you to learn and grow the career you want.
- We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
- As part of our global team, we'll support you in shaping the future you want to see.
About Manulife And John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit
Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact
Working Arrangement
Hybrid
Associate Director, Data Security and Compliance
Posted 15 days ago
Job Viewed
Job Description
The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.
We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
**Position Responsibilities:**
**Access Management**
+ **Framework Development:** Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia's data lakes.
+ **Policy Integration:** Collaborate with global teams to align regional access policies with global standards.
+ **Access Controls:** Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
+ **User Access Management:** Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
+ **Technology Enablement:** Partner with IT and architecture teams to implement tools and technologies that support access governance.
**Data Governance**
+ **Governance Oversight:** Ensure effective governance of data access, maintaining data integrity, security, and availability.
+ **Quality Initiatives:** Lead efforts to standardize and harmonize data access processes across the region.
+ **Policy Enforcement:** Ensure adherence to data governance policies by all stakeholders.
**Regulatory Compliance**
+ **Compliance Monitoring:** Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
+ **Regulatory Liaison:** Work closely with legal and compliance teams to meet local and international regulatory requirements.
+ **Documentation:** Maintain clear and comprehensive documentation of access policies and procedures.
**Data Risk Management**
+ **Risk Identification & Mitigation:** Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
+ **Risk Execution:** Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
+ **Audit & Compliance:** Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
+ **Incident Response:** Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
+ **Reporting:** Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
+ **Training & Awareness:** Develop and deliver training programs to promote a culture of privacy and data security awareness.
**Coordination & Collaboration**
+ **Cross-Functional Engagement:** Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
+ **Culture Building:** Promote data stewardship and accountability across the organization.
+ **Solution Design:** Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
**Required Qualifications:**
+ Bachelor's or Master's degree in Information Technology, Data Science, Business Administration, or a related field.
+ 8-10 years of experience in access management, data governance, or risk management.
+ Experience in a multinational organization with a focus on Asia.
+ Professional certifications such as CIPP, CRISC, or CDMP.
+ Strong knowledge of access frameworks, governance policies, and regulatory compliance.
+ Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
+ Foundational understanding of emerging technologies like Generative AI and OpenAI.
+ Demonstrated experience in managing data risks and implementing mitigation strategies.
+ Excellent leadership, communication, and stakeholder management skills.
+ Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
Information Security Manager
Posted 2 days ago
Job Viewed
Job Description
Join to apply for the Information Security Manager role at Global Payments Inc. .
Develops and leads one or more of the following highly technical and specialized areas within information security: Security Engineering, Security Architecture, Forensics Analysis, Threat Analysis, Threat Hunting and Penetration Testing. Manages the development, deployment and execution of enterprise security controls and defenses. Monitors, analyzes and exploits system vulnerabilities to detect potential threats. Executes containment, mitigation and protection processes to safeguard against real time threats while maintaining critical documentation and evidence. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.
Responsibilities- Tracks and supports the delivery of information security solutions. Manages the tactical activities of installing and configuring security systems, software and applications. Coordinates responses to intrusions and provide remediation guidance and support.
- Coordinates resources on highly complex development projects including approval of design specifications and scope. Provides input to short-term security technology roadmaps regarding applicability of new technologies. Disseminates updates to InfoSec Architectural policies, standards and guidelines to team members.
- Reviews forensic investigations and analysis of reported cyber incidents to evaluate root cause vectors and necessary control measures needed to prevent future occurrence. Implements appropriate countermeasures to recover deleted, hidden or lost user data.
- Coordinates research and analysis of threat actor profiles and associated indicators to detect potential threats. Implements recommended actions and security tools to identify, monitor and mitigate attacks. Coordinates with external security organizations to exchange threat intelligence.
- Coordinates complex threat assessment to evaluate incident impact and risk exposure. Reviews cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies), and draws conclusions on possible implications or applicability. Guides the threat intelligence collection process to enhance analytical capabilities.
- Manages execution of penetration testing activities on core systems. Articulates the outcome of stimulated attacks and underlying security issues or system weaknesses. Recommends and institutes remediation techniques or improvements to protect and maintain security frameworks and controls.
- Supports the evaluation and selection of security applications and systems. Manages the implementation of access control defenses. Provides quality review on the evaluation and documentation of team procedures. Manages development, deployment and support activities for multiple critical security technologies to include problem resolution and management, application maintenance, project requests and system enhancements.
- Not an exhaustive list; other duties as assigned.
- Bachelor's Degree
- Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
- Typically a minimum of 6 years
- Related professional experience and prefer a minimum of 1-2 years experience in a supervisory position.
- One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT, Certified Forensic Computer Examiner (CFCE), Certified Cyber Threat Analyst (CCTA), Certified Computer Examiner (CCE)
- Prior Global Payments, payment or technology industry experience is preferred.
- Master's Degree in a related field of study from an accredited university.
None Identified
Job Details- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Financial Services and IT Services and IT Consulting
Information Security Analyst
Posted 6 days ago
Job Viewed
Job Description
Associate Manager @ PureSoftware Malaysia
Job Description:
Qualifications- Minimum of 2 years of experience in information security or a similar role.
- Strong understanding of information security principles, standards, and best practices.
- General knowledge in industry regulations and framework such as NIST Cybersecurity Framework, ISO27001 or PCI DSS.
- Experience with security assessment tools and techniques.
- Knowledge in network and system security, including firewalls, intrusion detection/prevention systems, and endpoint protection.
- Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
- Relevant certifications such as CISSP, CISM, or CEH are desirable.
PureSoftware, a wholly owned subsidiary of Happiest Minds Technologies, is a global software products and digital services company. PureSoftware has been driving transformation for the world’s top organizations across various industry verticals, including banking, financial services, and insurance, life sciences and healthcare, high tech and communications, retail and logistics, and gaming and entertainment. Arttha, from PureSoftware, is a globally trusted financial technology platform.
PureSoftware is Great Place to Work Certified in India for the third consecutive year
Seniority level- Associate
- Full-time
- Information Technology, Other, and Analyst
- Insurance, Banking, and Financial Services
Information Security Architect
Posted 14 days ago
Job Viewed
Job Description
Get AI-powered advice on this job and more exclusive features.
Join us. Let’s care for tomorrow. At Allianz Global Investors we foster a culture of professionalism, fulfilment, and an inclusive working environment. Do you want to be part of a leading active asset management company? Then join us now as Information Security Architect in Hong Kong within the Information Security team.
What You Will Do- Support of the continuous development and improvement of our global information security programme (including frameworks, processes, and tool sets) with a focus on security architecture and governance
- Conduct Security Architecture reviews based on industry-best practise, including threat modelling of systems and applications in scope as a vehicle to identify and communicate security risks
- Prepare and moderate regional security governance forums and status meetings, having modern and future-proof collaboration models in mind
- Act as a regional security point of conduct for auditors and business partners
- Driving our global security training and phishing exercises and conducting regional security awareness measures as part of our communication concept
- Work closely with a distributed team of Information Security, IAM and Cybersecurity professionals across Asia and Europe
- Deep expertise and proven experience in Information Security Management, including frameworks, regulations and security architecture
- 3-7 years of professional experience in information security/cybersecurity with specific industry qualifications (e.g., CISSP, CISM, CISA)
- Hands-on experience in developing solutions, such as relevant guidelines and operating procedures on the basis of best-practices, business needs and regulatory requirements as well es respective methodologies for control testing
- Experience in the identification of security risks as well as threat modelling based on internationally recognized frameworks, including the advisory on possible mitigating and controlling measures and architectures.
- Proven track record in working with diverse and distributed global teams, as well as excellent communication and interpersonal skills (communicating and reporting sophisticated technical concepts to business and risk partners)
- Experience interacting directly with senior stakeholders (C-Suite, Board and Regulators)
- Experience balancing multiple concurrent projects and priorities communicating and committing to realistic deadlines, showcasing a structured way of working
- Proficiency in English is a must, additional proficiency in Mandarin preferred and additional language skills are a plus
- Balanced work environment: A dynamic office culture that supports flexibility and collaboration
- Securing your future: Access to pension, retirement, and/or savings plans as applicable to the work location
- Shared success: Company share purchasing plan
- Support for what matters: Mental health and wellbeing programs
- Investments in your career: Career opportunities within the entire Allianz Group
- Investments in your skills: Comprehensive learning and development offerings, including certifications and professional qualifications
- … and so much more!
Allianz Global Investors is a leading global active asset manager. We invest for the long term and want to create value for clients every step of the way. We do this by being active – in how we partner with clients and anticipate their needs, and build solutions based on capabilities across public and private markets. Our focus on enhancing our clients’ assets leads naturally to a commitment to sustainability for positive change. Our goal is to enhance the investment experience for clients, whatever their location or goals. Putting our clients' needs first, behaving in a transparent way and treating people fairly means acting with integrity. We encourage a collegial culture, that supports individual responsibility. We invest in the development of our employees to maximize the power of innovation. We at Allianz believe in a diverse and inclusive workforce, we are committed to the principles of Equal Employment Opportunity and to helping applicants with any disabilities. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.
If you feel inspired to promote the active asset management experience, this is the place for you. Join our diverse, international, technology-enabled, and agile environment. Simply upload your CV in English to apply for this position! If you need support to navigate our websites or at any stage during your application, please send an email with your request to
To Recruitment Agencies Allianz Global Investors has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Global Investors does not accept unsolicited resumes from agency or search firm recruiters. When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz Global Investors. Finally, please do not contact hiring managers directly.
Location: Sha Tin District, Hong Kong SAR; Job type: Full-Time | Permanent
#J-18808-LjbffrInformation Security Manager
Posted 22 days ago
Job Viewed
Job Description
Join to apply for the Information Security Manager role at Michael Page .
1 day ago Be among the first 25 applicants.
About Our ClientOur client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.
Job DescriptionAs a 'Manager, Information Security,' your main responsibilities will include:
- Overseeing the implementation and maintenance of the bank's information security systems.
- Conducting regular audits and risk assessments to ensure adherence to security protocols.
- Developing and implementing information security policies and procedures.
- Training and mentoring staff on information security best practices.
- Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
- Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
- Leading and coordinating information security projects across departments.
- Managing incident responses and investigations into security breaches.
- Staying updated on the latest trends and developments in information security.
- Reporting on the status of information security to senior management.
A Successful 'Manager, Information Security' Should Have
- A degree in Computer Science, Information Security, or a related field.
- Proven experience in a managerial role within the field of information security.
- Familiarity with information security regulations and standards in the financial services industry.
- Exceptional leadership and communication skills.
- The ability to handle sensitive information with discretion and integrity.
- A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
- Standard benefits package.
- The chance to work in a fast-paced, technology-driven environment within the financial services industry.
- Opportunities for career progression and professional development.
- A supportive and collaborative company culture.
We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.
Contact: Alexis Wee
Quote job ref: JN-
Seniority level- Mid-Senior level
- Full-time
- Information Technology and Engineering
- Financial Services, Accounting, and Banking
Be The First To Know
About the latest Data compliance Jobs in Hong Kong !
Information Security Officer
Posted today
Job Viewed
Job Description
Job Description:
- Support and maintain Information Security Management System (ISMS) in accordance with the standard of ISO 27001
- Ensure the accuracy of the ISMS documentation, develop and maintain information security policies, processes and procedures, design and deliver information security training and awareness programs
- Undertake information security control assessments, identify and monitor information security risks, threats and vulnerabilities
- Facilitate and coordinate external compliance audits and ensure audit findings are actioned as required
- Frequent business trip to mainland China
- 3-5 years working experience in Information Security
- Familiar with key frameworks such as ISO 27001
Information Security Engineer
Posted today
Job Viewed
Job Description
Job Responsibilities:
- Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
- Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
- Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
- Assist in developing and continuously improve the information security issues and resolve the audit findings
- Coordinate implementation and validation of information security controls
- Monitor and assess information security violations incidents and responses
- Troubleshooting and provide technical support for information security solutions
- Assist in preparing training materials to promote information security awareness across the enterprise
- Maintain up-to-date inventory on infrastructure equipment and software
- Perform other duties as assigned by the supervisors
Requirements:
- Degree holder in Information Technology, Computer Science or related disciplines
- Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
- 2+ years relevant working experience on information security, infrastructure maintenance and technical support
- Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
- Knowledge of ISO27001 or Risk Management is a plus
- Positive, responsible, able to work independently and maintain confidentiality
- Fresh graduates and willing to learn will also be considered
Information Security Governance
Posted today
Job Viewed
Job Description
At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.
As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.
If you believe in developing a better tomorrow, read on.
About the Role
This position supports the Information Security Department in advancing the organization's information and cyber security maturity across internal operations and affiliated entities. The role is primarily responsible for leading and overseeing the implementation of robust security controls and governance practices, ensuring alignment with AIA's IT policies, standards, and guidelines. It plays a critical role in safeguarding the confidentiality, integrity, and availability of systems and data, while driving continuous improvement in security operations, risk management, and compliance.
Roles and Responsibilities:
This position is responsible for driving daily operations in key areas of information security, including identity and access management (IAM), vulnerability management, and security assessments, while ensuring compliance with company policies and standards, regulatory and audit requirements. Additionally, the role leads the execution of critical local and groupwide information security uplift initiatives, overseeing the deployment of solutions across IT infrastructure and applications, and validating their effectiveness through rigorous testing.
Daily Operations – Information Security Governance & Control
- Develop and maintain the information security governance framework and risk portfolio in alignment with AIA's IT policies, standards, and guidelines.
- Oversee regular security assessments, including identity and access management (IAM) reviews, vulnerability management, remediation activities, and independent testing of IT infrastructure and applications to ensure compliance with security standards.
- Establish and manage processes to proactively identify technology risks and potential security breaches, ensuring continuous protection of organizational systems and data.
- Supervise IAM operations, including access provisioning, role-based access control, and periodic access certifications, ensuring adherence to compliance and audit requirements.
Information Security Uplift Project Execution
- Lead the execution of key local information security initiatives, such as IAM enhancements and vulnerability remediation efforts.
- Drive the deployment of groupwide strategic information security solutions across local IT infrastructure and systems.
- Enhance security assessment practices for applications and infrastructure, providing actionable recommendations to strengthen the organization's security posture.
Strategic and Cross-Functional Engagement
- Lead ad-hoc cross-functional teams on special projects and strategic initiatives related to information security.
- Develop and implement plans to uplift information security controls across the organization.
- Serve as a key liaison with group offices, business partners, corporate clients, IT vendors, and external parties on IT security matters as needed.
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.