Job Responsibilities:
l Responsible for data security protection and risk control of Hong Kong insurance companies’ IT systems
l At the insurance institution site, according to the customer's responsible person's arrangements, develop and maintain data security solutions to ensure that data security risks are minimized
l In the case of customer system manager authorization, collect and monitor data security indicators from the relevant customer systems, complete data security level evaluation and potential risk identification and analysis.
l Based on the user's overall data security strategy and management requirements, develop and refine a comprehensive data security management solution that covers the entire data life cycle, including data collection, storage, processing, transmission, and destruction.
l Interpret and analyze internal management requirements and higher-level supervision requirements of insurance institutions, write and organize various standardized data security management documents.
l Provide training, explanation and review on data security governance solutions. Complete the landing of safety management standards in relevant department organizations, and promote the full execution of data security risk governance.
Requirements:
l Bachelor's degree or above in computer science or information security, with at least two years of work experience in enterprise IT system management and data security management
l Have permanent residency in Hong Kong, able to provide long-term and stable services to Hong Kong customers on site
l Proficient in data security-related technical systems and tools, such as data lineage, sensitive data protection, data privacy compliance, zero trust, encryption technology, secure transmission, and secure storage,
l Have in-depth understanding of the latest trends and technologies in network security, including but not limited to cloud security, data security, and identity authentication
l Proficient in the use of office, wps and other mainstream office software, able to independently complete the writing of various requirement documents
l Proficient in network security products (such as firewalls, intrusion detection systems (IDS), web application firewalls (WAF), etc.), as well as security technologies such as encryption, desensitization, etc.
l Proficient in Linux and Windows operating system maintenance, with the ability to write scripts (such as Python, Shell), familiar with mainstream monitoring systems (such as Zabbix, Cacti, Nagios) deployment, application and extension, and network fault troubleshooting ability
l Have good communication and expression skills, in addition to English and Cantonese, have a certain amount of Mandarin communication skills, and be able to complete daily work communication with customers
