Company Description: A leading company in the logistics industry, providing container terminal services and committed to maintaining high operational and security standards in critical infrastructure.
Location: Kwai Chung
Nature: Permanent
• Support the development and implementation of cybersecurity policies and procedures to align with organizational goals and regulatory requirements.
• Coordinate incident response activities, including the investigation and thorough documentation of security breaches.
• Implement and maintain security controls and solutions in accordance with ISO 27001 standards and other relevant security frameworks.
• Conduct regular risk assessments and vulnerability scans, recommending and tracking appropriate mitigation strategies.
• Manage and monitor security tools such as firewalls, SIEM, endpoint protection, and other threat detection platforms.
• Collaborate with IT, compliance, and operational teams to ensure consistent adherence to security policies and best practices.
• Assist in internal and external IT audits and support engagements with third-party audit firms.
• Deliver cybersecurity awareness and training programs for staff and contractors.
• Prepare precise technical reports and risk analysis documentation for management review.
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum of five to seven years of experience in IT, with at least three years in dedicated cybersecurity roles.
• Professional certifications such as CISSP, CISM, CISA, or equivalent are required, with CRISC being a plus.
• Strong knowledge of network security, application security, cloud security, and endpoint protection.
• Proven experience in conducting risk assessments and effectively managing security incidents.
• Familiarity with security frameworks and standards, including ISO 27001, NIST, and COBIT.
• Experience with major cloud platforms (AWS, Azure, GCP) is highly desirable.
• Excellent analytical, problem-solving, and communication skills with the ability to work independently and manage multiple priorities.
• Proficiency in Cantonese is required, as the internal IT team primarily communicates in Cantonese.
