Apply now »

Information Security Manager

Position Summary:
We are seeking an experienced professional in Information Security Management. The ideal candidate should have a strong understanding of IT Security policies, industry control frameworks, and local regulatory requirements, as well as the ability to manage audit lifecycle and participate in disaster recovery (DR) planning. This role will be responsible for managing security policies and standards, conducting control gap analyses and assessments, overseeing IT Security audit and testing activities, and presenting assessment results to management. The candidate must be detail-oriented, possess strong technical comprehension, communicate effectively with technical teams, and be proficient in professional technical writing.
 
Your Role:
  • Maintain and review IT Security Policies and related documentation.
  • Lead and manage IT security audits and security testing projects in entire lifecycle
  • Perform gap analyses against internal policies and regulatory requirements, and manage the necessary follow-up actions.
  • Act as the primary point of contact for inquiries related to Information Security Policies, audit activities, and control gap assessments.
  • Assist in technology disaster recovery planning (DRP) and preparation of DR drills.
  • Provide ad hoc support for security-related projects as needed.
  • Drive continuous improvements in overall information security posture from a governance and compliance perspective.
 
To Succeed in this Role:
  • Approximately 10 years of experience in information security management, cybersecurity, or related fields.
  • Strong understanding of IT policies, control, and risk frameworks (e.g., ISO 27001/22301, NIST, COBIT).
  • Solid understanding of Hong Kong’s information security regulatory requirements.
  • Proven experience collaborating across technical teams and engaging with stakeholders across different levels.
  • Excellent written and reading skills in English.
  • Strong analytical capabilities with attention to detail and the ability to consolidate information effectively.
  • Relevant certifications (e.g., CISM, CISA, CISSP, ISO 27001 Lead Auditor) are highly desirable.
 
Preferred Attributes:
  • Strategic mindset with a hands-on approach to problem-solving and the ability to work independently.
  • Experience in regulated industries (e.g., finance, healthcare) is a plus.
  • Knowledge of emerging technologies (e.g., Generative AI) is an advantage.
Ref ID:  60771
Location: 

Hong Kong, HK, HK

Business Unit:  PCCW Solutions
Full Time/ Part Time:  Full Time
Job Function:  Technology
Featured Job Category:: 

Apply now »