47 Data Compliance jobs in Hong Kong

**Associate Director, Data Security and Compliance**
The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.
We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
**Position Responsibilities:**
**Access Management**
+ **Framework Development:** Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia's data lakes.
+ **Policy Integration:** Collaborate with global teams to align regional access policies with global standards.
+ **Access Controls:** Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
+ **User Access Management:** Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
+ **Technology Enablement:** Partner with IT and architecture teams to implement tools and technologies that support access governance.
**Data Governance**
+ **Governance Oversight:** Ensure effective governance of data access, maintaining data integrity, security, and availability.
+ **Quality Initiatives:** Lead efforts to standardize and harmonize data access processes across the region.
+ **Policy Enforcement:** Ensure adherence to data governance policies by all stakeholders.
**Regulatory Compliance**
+ **Compliance Monitoring:** Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
+ **Regulatory Liaison:** Work closely with legal and compliance teams to meet local and international regulatory requirements.
+ **Documentation:** Maintain clear and comprehensive documentation of access policies and procedures.
**Data Risk Management**
+ **Risk Identification & Mitigation:** Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
+ **Risk Execution:** Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
+ **Audit & Compliance:** Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
+ **Incident Response:** Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
+ **Reporting:** Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
+ **Training & Awareness:** Develop and deliver training programs to promote a culture of privacy and data security awareness.
**Coordination & Collaboration**
+ **Cross-Functional Engagement:** Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
+ **Culture Building:** Promote data stewardship and accountability across the organization.
+ **Solution Design:** Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
**Required Qualifications:**
+ Bachelor's or Master's degree in Information Technology, Data Science, Business Administration, or a related field.
+ 8-10 years of experience in access management, data governance, or risk management.
+ Experience in a multinational organization with a focus on Asia.
+ Professional certifications such as CIPP, CRISC, or CDMP.
+ Strong knowledge of access frameworks, governance policies, and regulatory compliance.
+ Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
+ Foundational understanding of emerging technologies like Generative AI and OpenAI.
+ Demonstrated experience in managing data risks and implementing mitigation strategies.
+ Excellent leadership, communication, and stakeholder management skills.
+ Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

Associate Director, Data Security and Compliance

Join to apply for the Associate Director, Data Security and Compliance role at Manulife

Associate Director, Data Security and Compliance

2 weeks ago Be among the first 25 applicants

Join to apply for the Associate Director, Data Security and Compliance role at Manulife

The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.
We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
Position Responsibilities
Access Management

• Framework Development: Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia’s data lakes.
• Policy Integration: Collaborate with global teams to align regional access policies with global standards.
• Access Controls: Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
• User Access Management: Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
• Technology Enablement: Partner with IT and architecture teams to implement tools and technologies that support access governance.
  

Data Governance

• Governance Oversight: Ensure effective governance of data access, maintaining data integrity, security, and availability.
• Quality Initiatives: Lead efforts to standardize and harmonize data access processes across the region.
• Policy Enforcement: Ensure adherence to data governance policies by all stakeholders.
  

Regulatory Compliance

• Compliance Monitoring: Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
• Regulatory Liaison: Work closely with legal and compliance teams to meet local and international regulatory requirements.
• Documentation: Maintain clear and comprehensive documentation of access policies and procedures.
  

Data Risk Management

• Risk Identification & Mitigation: Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Risk Execution: Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
• Audit & Compliance: Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
• Incident Response: Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
• Reporting: Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
• Training & Awareness: Develop and deliver training programs to promote a culture of privacy and data security awareness.
  

Coordination & Collaboration

• Cross-Functional Engagement: Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
• Culture Building: Promote data stewardship and accountability across the organization.
• Solution Design: Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.
  

Required Qualifications

• Bachelor’s or Master’s degree in Information Technology, Data Science, Business Administration, or a related field.
• 8–10 years of experience in access management, data governance, or risk management.
• Experience in a multinational organization with a focus on Asia.
• Professional certifications such as CIPP, CRISC, or CDMP.
• Strong knowledge of access frameworks, governance policies, and regulatory compliance.
• Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
• Foundational understanding of emerging technologies like Generative AI and OpenAI.
• Demonstrated experience in managing data risks and implementing mitigation strategies.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to thrive in a fast-paced, dynamic environment with multiple priorities.
  

When You Join Our Team

• We’ll empower you to learn and grow the career you want.
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we’ll support you in shaping the future you want to see.
  

About Manulife And John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact
Working Arrangement
Hybrid Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Other
• Industries Insurance

Referrals increase your chances of interviewing at Manulife by 2x

Get notified about new Director of Security jobs in Hong Kong, Hong Kong SAR .

Corporate Bank - Head of Securities Services - Director/ VP Director/ Deputy Director, Client Development

Shenzhen, Guangdong, China CN¥20,000.00-CN¥0,000.00 2 years ago

Treasury Director, Chinese Securities, 85k Security Operations Manager (MNC Retail) Manager, Infrastructure and Network Operations, Global IT Security and Operation Specialist (Asst Manager Level) Senior Operations Manager, Securities Brokerage

Shenzhen, Guangdong, China CN 0,000.00-CN 0,000.00 2 years ago

Security Architect - Director/Executive Level Data Engineer, Director P4, Institutional Securities Technology Manager/Associate Director, Cyber Security (Strategy, Governance & Risk), Technology Consulting Manager/Associate Director, Cyber Security (Simulated Attack), Technology Consulting Manager, Cyber Security Operations (MJ006042) Manager/Associate Director , Cloud Security, Technology Consulting Manager/Associate Director, Data Privacy and Protection, Technology Consulting Assistant Manager (Ant Bank - For Securities Operations) Manager - Professional Environment Services (Facilities & Office Operation) - Hong Kong(314235) Marketing Officer/ Senior Marketing Officer

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

4 days ago Be among the first 25 applicants

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a diligent and proactive Information Security Officer to oversee and maintain the operational integrity, security, and compliance of our secured room facilities. This role is critical in supporting ongoing monitoring, access control, and administrative processes to ensure the highest standards of safety and regulatory compliance are met.

Your Role

• Conduct monthly inspection of access logs and CCTV reviews to ensure adherence to security protocols.
• Manage user access applications on a bi-weekly or ad hoc basis, in line with corporate access governance procedures.
• Complete and maintain a monthly secured room checklist, covering physical and operational controls.
• Perform monthly access inventory assessments, including user recertification activities. • Address administrative and technical issues such as network or hardware incidents on an ad hoc basis.
• Coordinate monitoring and inspection of the Foshan secured room (monthly and as needed).
• Perform daily monitoring of security guard performance and escalate concerns when appropriate.
• Assist in implementing security control enhancements such as mobile device management (MDM), two-factor authentication (2FA), and ID verification improvements

To Succeed in this Role

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Minimum of 3 years of experience in information security, risk management, or a related role.
• Knowledge of network security principles and incident response procedures.
• Excellent analytical skills with the ability to assess security risks and implement effective mitigation strategies.
• Strong problem-solving abilities to address technical and administrative issues as they arise.
• Effective verbal and written communication skills to convey security policies and procedures clearly to stakeholders.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Contract

Job function

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Sign in to set job alerts for “Information Security Officer” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

About Our Client

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

Job Description

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

The Successful Applicant

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

What's on Offer

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-052025-6742617

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology and Engineering

Industries

• Financial Services, Accounting, and Banking

#J-18808-Ljbffr

4 days ago Be among the first 25 applicants

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a diligent and proactive Information Security Officer to oversee and maintain the operational integrity, security, and compliance of our secured room facilities. This role is critical in supporting ongoing monitoring, access control, and administrative processes to ensure the highest standards of safety and regulatory compliance are met.

Your Role

• Conduct monthly inspection of access logs and CCTV reviews to ensure adherence to security protocols.
• Manage user access applications on a bi-weekly or ad hoc basis, in line with corporate access governance procedures.
• Complete and maintain a monthly secured room checklist, covering physical and operational controls.
• Perform monthly access inventory assessments, including user recertification activities. • Address administrative and technical issues such as network or hardware incidents on an ad hoc basis.
• Coordinate monitoring and inspection of the Foshan secured room (monthly and as needed).
• Perform daily monitoring of security guard performance and escalate concerns when appropriate.
• Assist in implementing security control enhancements such as mobile device management (MDM), two-factor authentication (2FA), and ID verification improvements

To Succeed in this Role

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Minimum of 3 years of experience in information security, risk management, or a related role.
• Knowledge of network security principles and incident response procedures.
• Excellent analytical skills with the ability to assess security risks and implement effective mitigation strategies.
• Strong problem-solving abilities to address technical and administrative issues as they arise.
• Effective verbal and written communication skills to convey security policies and procedures clearly to stakeholders.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Contract

Job function

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Sign in to set job alerts for “Information Security Officer” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

About Our Client

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

Job Description

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

The Successful Applicant

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

What's on Offer

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-052025-6742617

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology and Engineering

Industries

• Financial Services, Accounting, and Banking

#J-18808-Ljbffr

Join to apply for the Principal, Information Security role at AIA Hong Kong and Macau

Continue with Google Continue with Google

Join to apply for the Principal, Information Security role at AIA Hong Kong and Macau

Get AI-powered advice on this job and more exclusive features.

Sign in to access AI-powered advices

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

Continue with Google Continue with Google

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.
As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.
If you believe in developing a better tomorrow, read on.
About The Role
This position plays a significant role in supporting management and Director of Information Security to promote and enhance the maturity of Information and cyber security of the organisation, as well as related business entities. This is to be done through a robust governance, Information security risk management and compliance programmes, coupled with well-planned communications and awareness-raising programmes tailored for different internal and external stakeholders. Therefore, while the individual taking up this role may not need to be an Information Security expert, he or she must be a quick learner who can grasp a wide range of IT/cyber security topics. The individual must also be a great communicator who can convey messages in English and Chinese involving highly technical IT/cyber risk concepts to all levels of staff (for instance, for awareness-raising campaigns) and to strategic stakeholders (such as regulators, auditors and corporate clients) in an efficient and professional manner.
(Daily operation) Regulatory and Information Security Compliance

• Develop and manage the Information security governance framework & risk portfolio, which follows the AIA’s security standards and guidelines.
• Be the subject matter expert to provide advice on regulatory requirements related to information security.
  

Communications and engagement with regulators, auditors

• Lead and coordinate internal efforts to support compliance assessment against regulatory requirements and IT audits conducted by internal/external auditors;
• Coordinate inputs and craft accurate and appropriate responses to enquiries coming from regulators and auditors;
  

Awareness-raising and education for staff

• Organise regular and frequent activities and develop localised materials to raise the awareness of staff at all levels on various cybersecurity controls and practices, and other topical issues of Information Security.
• Maintain and curate the internal Information Hub for education and sharing.
  

Miscellaneous

• Lead ad-hoc cross-functional teams on special projects or strategic initiatives relating to Information Security
• Communicate with group offices, business partners, corporate clients, IT vendors and external parties, as and when needed
  

Job Requirements

• Degree holder in Computer Science, Information Systems, Business, Finance, Risk Management, or a related discipline.
• Minimum of 10 years of relevant and solid experience in Information Security risk management and control, gained from international financial institutions, professional firms or financial regulators.
• Holder of relevant IT audit professional qualification and/or IT security certificates preferred (such as CISA, CISM, CISSP etc.).
• Solid experience in handling cybersecurity assessments and IT audit-related assignments and familiar with relevant control requirements from different regulatory bodies such as Hong Kong Insurance Authority, Mandatory Provident Fund Schemes Authority, Macau AMCM etc.
• Excellent communication (written and oral) skills, and demonstratable experience as a highly effective facilitator of cross functional teams.
• Excellent leadership and management skills and proven ability to build, manage and foster a team-oriented environment.
• Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems.
• You are required to obtain the relevant licence(s) if your job involves regulated activities.
  

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date. Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Insurance

Referrals increase your chances of interviewing at AIA Hong Kong and Macau by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Information Technology Cybersecurity Analyst / Specialist

Eastern District, Hong Kong SAR 1 hour ago

Assistant Information Security Consultant Technology Risk Manager (IT Security) – Information Technology Department Regional Information Security Engineer - Renewable Contract CYBER SECURITY AND RISK ANALYST / CYBER SECURITY ENGINEER Associate - IT Security (Corporate Bank) Senior Officer - Information Technology (Cyber Security) (Contract period up to 31 August 2026) (Ref: IT/06/245) Cybersecurity Detection and Response Analyst Analyst, Cyber Security (Ref: DTD194/25, 10514) Cyber Security Analyst / Engineer (Identity and Access Management) Global Security GRC Analyst (Governance, Risk, and Compliance) Senior/Junior Information Security Consultant (Governance, Risk and Compliance) Senior Manager, Group Information Security Assistant Vice President, IT Security - IT Operations Department Analyst, IT Security Operations & Engineering Assistant Manager, Business Information Security Office IT Support Analyst for Security Financing

Shenzhen, Guangdong, China CN¥45,000 - CN¥5,000 2 years ago

Shenzhen, Guangdong, China CN 5,000 - CN 0,000 1 year ago

Technology Risk Manager (Information Security Control Division)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

2 days ago Be among the first 25 applicants

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

• Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
• Interface with technical teams to understand control implementation and translate findings into governance insights.
• Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
• Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
• Support the development of security reporting and risk metrics
• Contribute to the development and refinement of security policies, standards, and procedures.
• Support audit and assessment activities, including evidence collection and coordination with internal teams.
• Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

• Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
• Strong understanding of security controls across infrastructure, application, and cloud domains.
• Proven ability to work with technical teams and translate technical content into business-friendly reporting.
• Experience in preparing client-facing documentation and presentations.
• Excellent written and verbal communication skills in English.
• Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
• Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

• Experience in regulated industries such as finance, healthcare, or insurance.
• Strong stakeholder engagement and coordination skills.
• Detail-oriented with a proactive and structured approach to governance.
• Familiarity with GRC

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Information Technology Cybersecurity Analyst / Specialist Cybersecurity Detection and Response Analyst Technology Consulting - Cyber Security - Security Governance - Senior Associate - Hong Kong Principal IT Lead (Information Security) (Ref: IT-ISNS-PITL-IS-LI)) Sr. Analyst, IAM & Cloud Security Engineering, IT

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

5 days ago Be among the first 25 applicants

Join our fast-paced team as a Senior Information Security Specialist, contributing to global security operations across various entities at the group level. In this role, you'll utilize advanced tools for threat detection, incident response, and proactive security measures, ensuring robust protection against emerging cyber threats.

Responsibilities

• Utilize cybersecurity tools like SIEM, EDR, and SOAR for effective threat management.
• Stay updated on emerging cyber threats, vulnerabilities, and mitigation techniques.
• Lead incident response, management, and investigations.
• Conduct purple team exercises and threat hunting to identify risks.
• Analyze threat actors and their tactics through detailed research.
• Perform malware analysis to prevent future attacks.
• Oversee actionable Threat Intelligence (TI) collection and execution.
• Propose and implement security initiatives to combat emerging threats.
• Develop and update playbooks and documentation for security processes.
• Provide expertise in creating and maintaining security frameworks and policies.
• Evaluate new software or products for security projects.
• Promote security awareness and conduct role-based training.
• Communicate cybersecurity risks effectively to stakeholders.

Requirements

• Must have 5-8 years of experience in Information Security with hands-on expertise in Security Engineering, Operations, Cyber Threat Intelligence, Digital Forensics, Incident Response, Endpoint, or Cloud Security.
• Must be skilled with security event tools and incident response within a blue team context.
• Nice to have: Experience in Red Teaming and Penetration Testing (PenTest), as well as in-house security operations.
• Proficient with SIEM, EDR, SOAR, Vulnerability Management, and Open-Source Tools.
• Familiar with cloud environments such as AWS, Azure, and GCP.
• Knowledge of malware reverse-engineering techniques.
• Proficient in one coding language (Python, Java, etc.).
• Strong understanding of the MITRE ATT&CK framework.
• Professional English proficiency; Chinese is a plus.

About OSL

As a subsidiary of the publicly listed OSL Group (HKEX: 863.HK), OSL Digital Securities is Hong Kong’s first and most established SFC-licensed and insured digital asset platform. Operating since 2018, the platform provides institutional-grade digital asset services to corporations, financial institutions, professional and retail investors.

OSL Core Values

Be customer-centered

Be a high-performing team

Be relentlessly innovative

Be an owner

Be geared toward action

Be compliant

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Finance, Accounting/Auditing, and Information Technology
• Industries Securities and Commodity Exchanges and Financial Services

Referrals increase your chances of interviewing at OSL by 2x

Sign in to set job alerts for “Information Security Specialist” roles. Information Technology Cybersecurity Analyst / Specialist CYBER SECURITY AND RISK ANALYST / CYBER SECURITY ENGINEER Information Technology Security Specialist Technology Consulting - Cyber Security - Security Governance - Senior Associate - Hong Kong Cybersecurity Detection and Response Analyst Principal IT Lead (Information Security) (Ref: IT-ISNS-PITL-IS-LI)) Sr. Analyst, IAM & Cloud Security Engineering, IT

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr