IT Security Controls Lead

Cathay Pacific

Shenzhen, Guangdong
Permanent
Full-time

1 month ago

IMT - Information Technology
Shenzhen, Chinese mainland
Cathay Pacific
Application Deadline

22 May 2024Company DescriptionAt Cathay Pacific, we share one common aspiration: to be the world's best airline. We believe in looking for the best in our people, in working as a team, in doing the right thing by our shareholders and our communities.With a global team, we offer a diverse range of career choices and opportunities - in the air, on the ground; in customer service, in the office; managerial or professional roles. Our team of great people each plays a key role to deliver the quality service that we are famous for.Notes: * All Chinese mainland based positions are subject to local terms and conditions.

Applicants must have the right to live and work in Chinese mainland.
Once employment is confirmed, the employment contract and personnel file will be arranged through local FESCO/ FASCO.

Role IntroductionAssist Team manager to develop, monitor and validate IT security controls within the company IT environment. Coaching junior analyst to keep improve all IT security controls effectivenessEquips with strong technical knowledge, responsible for managing the performance and developing junior team members. This position must be able to effectively communicate with all levels of staff within the organization; from different business units across the company to senior management, in order to ensure that everyone is on the same page to align with the defined process, procedure and standard. Job rotation within IT Security Team is expected.Key Responsibilities

Implement the IT security controls process and act to validate all defined controls effectiveness.
Understand compliance framework of ISO27001 and PCIDSS standard, translate the technical controls requirement to enforceable technical controls requirement.
Work as second layer of defence within IT departments to revisit existing controls gate and report any abnormal situation
Work with various IT function teams including business unit to measure different IT controls effectiveness.
Audit support functions including evidence collect and update, implement the suggested controls
Strong understanding on Vulnerability Management across on-premises and cloud environments.
Work with extended IT security team members to revisit and update controls as per emerging threat landscape.
Understand the update to date market standard, able to translate the state of art knowledge to IT security controls process.
Assist on IT security incident monitoring and response
Assist on IT security operation solution administration and operation.
Assist on relevant IT security project implementation and transition.
Strong coaching skills to junior security analyst within the team

E&A Responsibility

Emergency and Accident and Crisis Response responsibilities as required

RequirementsAcademic Qualifications

Bachelor degree or above, Masters preferred

Knowledge, Skills, Training and Experience

8 years relevant IT security experiences
CISSP, CISM, CRISC, ISO 27001 lead auditor or relevant experience.
Strong knowledge on compliance framework i.e. ISO 27001, PCIDSS
Strong team development and coaching skills
Self-motivation, willing to keep update to market standards and technology

Personal & Application InformationCathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our personal data policy and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. All related information will be kept in our file for up to 24 months. A copy of our Personal Information Collection Statement will be provided upon request by contacting our Data Protection Officer.

Cathay Pacific

Apply Now