Home   Careers   Job Openings   Senior Manager – Information Security

Senior Manager – Information Security

— Information Technology


  • Serve as the Group Information Security champion and oversee the design, implementation, and governance of information security standards, policies, and best practices, provide recommendations for security enhancements to IT management
  • Stay updated on the latest information technology security trends and threat intelligence
  • Manage the implementation and utilization of security tools such as endpoint protection, email protection, advanced threat protection, network security, mobile security, privileged account management, security awareness etc.
  • Direct the installation and configuration of infrastructure equipment like firewalls and endpoints to safeguard against cybersecurity attacks and protect sensitive information
  • Conduct and manage security risk assessments and compliance checks regularly
  • Act as the main point of contact for internal and external parties regarding information assurance and security, support and coordinate the execution of external and internal IT audit
  • Lead the Information Security Operations Team, including a managed Security Operations Center (SOC), to monitor, detect, and investigate security incidents 24/7
  • Coordinate closely with the Infrastructure & Operations team for incident management on a 24/7 basis
  • Manage the Cybersecurity Awareness Program, including organizing employee security training including class room training and conducting phishing tests


  • University Degree in Computer Science or related disciplines
  • At least 15 years experience in Information Security and Infrastructure, preferably in InfoSec or Security Operation environment
  • Holder of security certificates (e.g. CISSP, CISM, CISA, CEH, … etc.) is a must
  • Holder of ISO 27001:2013 certification is highly desirable
  • First-hand knowledge and proven experience with security monitoring, protection and automation products such as SIEM, UBA, PAM, CASB and SO Automation tools
  • Hands-on experience with security infrastructure (e.g. Privileges ID management, Endpoint security, Firewall, PIM, IPS, DLP, APT and WAF) and web technologies (e.g. HTTP and .Net)
  • Up-to-dated knowledge of technical security controls in a modern IT environment including private cloud, Microsoft Azure, Office 365 and Amazon Web Services
  • Proven experience in designing and implementing security standard, policy and guidelines
  • Experience of writing and introducing effective information security and compliance policies/guidelines
  • Proven track record of leading in-house security operations team to perform incident management for security incidents and events including lessons learned
  • Highly self-motivated and able to work under pressure
  • Strong vendor management skill
  • Good Interpersonal and Communication skills
  • Customer focused and influential, with a strong desire to drive results

How to apply

  • By e-mail: hr@nanfung.com
  • By mail: The Human Resources Manager, Nan Fung Development Limited, 17/F., AIRSIDE, 2 Concorde Road, Kai Tak, Hong Kong


Remarks: You are required to click on the link below and read our Personal Information Collection Statement Pertaining to Recruitment carefully before you submit your application: www.nanfung.com/en/pics/.