Information Security Manager

Our client, a leading international financial institution, is seeking an experienced and technically proficient Manager to join their Information Security team. The successful candidate will play a key role in strengthening the organization’s cybersecurity posture, ensuring compliance with regulatory standards, and supporting audit and governance activities across infrastructure and operations.

Responsibilities

Develop, implement, and maintain information security policies, procedures, and configuration baselines

Oversee infrastructure security and compliance, ensuring alignment with corporate standards and industry best practices

Perform regular and ad-hoc security acceptance tests on servers, networks, databases, and security devices

Conduct periodic reviews of firewall rulesets and other security tooling to ensure only necessary protocols and services are enabled

Monitor and manage security tools and systems (e.g., IDS/IPS, endpoint protection, SIEM platforms such as Splunk) and respond to security incidents in coordination with relevant teams

Manage the lifecycle of digital certificates and encryption keys, including issuance, renewal, revocation, and secure storage

Lead and coordinate audit-related activities, including evidence collection, report generation, and timely delivery to internal and external auditors

Support compliance initiatives across cybersecurity, data privacy, and operational risk domains

Requirements

University degree or diploma in Computer Science, Information Technology, or a related discipline

Professional certifications such as CISSP, CISA, CISM, or CCSP are strongly preferred

Minimum 5–8 years of relevant experience in IT security, infrastructure security, or a similar role; prior experience in the banking or financial services industry is advantageous

Solid understanding of network and infrastructure security, security policy frameworks, and regulatory standards (e.g., ISO 27001, HKMA, SFC)

Proven experience supporting audit and compliance processes, including internal/external audits and regulatory reviews

Strong analytical and problem-solving skills, with excellent communication and documentation abilities

Self-motivated, detail-oriented, and capable of working both independently and collaboratively in a team environment