Assistant Cyber Risk & Compliance Manager4 days ago Be among the first 25 applicants Retail Technology Asia (RTA) is a cloud-based digital retail service company headquartered in Hong Kong. We have world-leading Saa S technology. We are looking for a professional Cyber Risk and Compliance specialist to join our Cyber Security team and govern our cybersecurity compliance. The Job Responsible for team and vendor resources management for Governance, Risk and Compliance functions Develop and maintain security policies standards, procedures, and guidelines Conduct review, attestation, and assurance Responsible for security standard certification and compliance Review and manage non-compliance exception Maintain security risk register and oversee treatment plan Conduct security awareness education & training Provide security policy, standards, compliance related advice Maintain Business continuity and disaster recovery plan and conduct associated drills The Person Bachelor’s degree or above in Computer Science, Information Technology, Information Security, Cyber Security, Cyber and Technology Risk Management, Security Compliance or related discipline Holder of at least 1 certification in CISA, CISSP, CISM, CRISC, CCAK or equivalent At least 6 years working experience in IT technical roles or audit with no less than 3 years of hands-on experience in security governance, development of security policies, standards and procedures, security compliance and risk management related work In-depth Knowledge in ISO27001, ISO27002, ISO27017, ISO27018, SOC2/SOC3, PCIDSS, GDPR, PDPO, CSA CCM, CSA STAR program, NIST CSF, CIS Critical Control, CIS Hardening Benchmark, OWASP and Cyber Security Laws Knowledge and experience in conducting security assessment, assurance and compliance review on containerized applications and Saa S infrastructure in Microsoft Azure and other cloud technologies Knowledge and experience in defining, monitoring reporting KRI matrices Knowledge and experience in conducting business continuity and disaster recovery planning and drills Knowledge and experience in conducting security awareness training program Knowledge and experience in conducting risk assessment and oversee treatment plan Good EQ and ability to handle high pressure situation with key stake holder Excellent presentation skills and attention to details Self-motivated and can work independently Innovative and can adopt quickly to change Good problem solving and inter-personal skills Good coordination and collaboration skills Excellent communication and leadership skills. Can communicate effectively in English, Cantonese, and Mandarin Candidate who has less experience could consider as Cyber Risk & Compliance Officer. Seniority level Mid-Senior level Employment type Full-time Job function Information Technology, Consulting, and Project Management Industries IT Services and IT Consulting and IT System Custom Software Development
#J-18808-Ljbffr