Manager - Cyber Security (Applications)

Full-time
Intermediate (3-6 years)

Technical Skills

  • Application Development
  • ISO
  • Risk Assessment
  • Risk Management
  • Software Development
  • Translation

Job Description

Roles and Responsibilities:

  • Being an Application Security Evangelist who translates security concepts for developers
  • Improving and maintaining secure development standards and managing application security framework improvement projects
  • Integrating security tools, standards and processes into the Software Development Life Cycle (SDLC)
  • Ensuring that developers are trained with the appropriate level of security knowledge to perform their daily activities
  • Improving and supporting application security tool deployments including static analysis and runtime testing tools
  • Producing metrics reporting the state of application security programs and performance of development teams against requirements
  • Supporting Vendor Security activities to ensure third party software and development meets security standards
  • Supporting the incident response and architecture review processes whenever application security expertise is needed
  • Holding third parties accountable for code quality
  • Integrating threat modeling practices into the product life cycle
  • Conducting application security design reviews and prioritizing all application security issues
  • Providing security requirements for test‐driven design
  • Partnering with third parties to provide penetration testing services

Requirements:

  • University degree in Computer Science or related disciplines
  • Over 5 years' experience in the IT application security and risk management area
  • Strong technical or security skills related to IT applications and infrastructure
  • Solid experience in cyber security controls and incident handling
  • Good knowledge in Companying environment
  • Knowledge and experience in Fintech is desirable
  • Strong knowledge of Companying regulations / guidelines relating to cyber security and technology risk management
  • Strong self-motivation, with good leadership, communication, interpersonal and analytical skills
  • Great sense of ownership and servicing mindset
  • Good command of both spoken and written English and Chinese; Mandarin is an advantage
  • Possession of at least two professional qualifications such as CISM, CISA, CISSP, CEH, GWAPT, GPEN and OSCP
  • Experienced in web and mobile application development/penetration testing preferred
  • Experienced in performing security risk assessments and audits based on industry standards
  • Familiar with various cybersecurity-related frameworks such as ISO 27001 ISMS, CIS CSC (CIS Critical Security Controls) and NIST Cyber Security Framework
  • Candidates with less experience will be considered as Assistant Manager

Please send full resume, current and expected salary, contact number and address to the Recruitment Manager, 29/F, New World Tower, 18 Queen's Road Central, Hong Kong or email to [email redacted, apply via Jobable]

(Personal data collected will be used for recruitment purpose only)

Employment Type: Full-time
Career Level: Intermediate (3-6 years)
Education Level: Bachelor
Qualification: Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH)
Language: English, Cantonese, Mandarin (Putonghua)

32/F, New World Tower, 16-18 Queen's Road Central, Central

5 mins walk from Central Station