IT Security Controls Lead
Cathay Pacific
- Shenzhen, Guangdong
- Permanent
- Full-time
- IMT - Information Technology
- Shenzhen, Chinese mainland
- Cathay Pacific
- Application Deadline
- Applicants must have the right to live and work in Chinese mainland.
- Once employment is confirmed, the employment contract and personnel file will be arranged through local FESCO/ FASCO.
- Implement the IT security controls process and act to validate all defined controls effectiveness.
- Understand compliance framework of ISO27001 and PCIDSS standard, translate the technical controls requirement to enforceable technical controls requirement.
- Work as second layer of defence within IT departments to revisit existing controls gate and report any abnormal situation
- Work with various IT function teams including business unit to measure different IT controls effectiveness.
- Audit support functions including evidence collect and update, implement the suggested controls
- Strong understanding on Vulnerability Management across on-premises and cloud environments.
- Work with extended IT security team members to revisit and update controls as per emerging threat landscape.
- Understand the update to date market standard, able to translate the state of art knowledge to IT security controls process.
- Assist on IT security incident monitoring and response
- Assist on IT security operation solution administration and operation.
- Assist on relevant IT security project implementation and transition.
- Strong coaching skills to junior security analyst within the team
- Emergency and Accident and Crisis Response responsibilities as required
- Bachelor degree or above, Masters preferred
- 8 years relevant IT security experiences
- CISSP, CISM, CRISC, ISO 27001 lead auditor or relevant experience.
- Strong knowledge on compliance framework i.e. ISO 27001, PCIDSS
- Strong team development and coaching skills
- Self-motivation, willing to keep update to market standards and technology