With over 14,500 stores and 4 billion happy customers across 24 markets in Asia and Europe, A.S. Watson is the world’s largest health & beauty retailer.
Senior Manager - Group Information Technology Security
Hong Kong
This role forms part of the A.S. Watson Group IT (GIT) Security function and supports the Head of Data Privacy and Information Security with implementing and executing the Information Security Risk Management Policies in Asia region. The role is responsible for the successful implementation of the ISF Standard of Good Practice Framework, remediation of to establish the required level of maturity across the Group and ongoing support to the Business Units (BUs). This is not an operational role,
but rather one with strategic and tactical responsibilities.

The Group is in the early stages in implementing the ISF Framework, so this provides an opportunity for the role to be involved in the design and set up of the Framework. The role will be involved in building an extended team of BU security officers who will provide the necessary representation at local level and embed security.

Responsibilities:

  • Advise the Dept. Head on information security issues.
  • Support the Dept. Head with developing corporate IT Policies, Standards and baselines.
  • Direct and manage the BU Information Security Managers to ensure information security control implementation and
    execution within local Business Units
  • Provide guidance to the Group and BU's by developing, maintaining and publishing up-to-date security procedures,
    standards and guidelines.
  • Manage and assess information security risks for Group and high-risk projects such as conducting (third party) risk
    assessments and Information Security audits.
  • Review the BU's Information Security Year Plans and monitor status and progress on execution.·
  • Plan, research and specify robust security architectures for IT Infrastructure and IT projects



Job Requirements

  • University graduate with 10+ years working experience in IT and information security.
  • With Information Security Certifications (CISSP, CISM, CISA, or equivalent industry certifications)
  • Strong experience with standards work in information security, such as ISF or ISO 2700x a must.
  • Expert knowledge of risk assessment procedures, technologies and Cyber security attacks and threads.
  • Excellent knowledge of cyber security technologies, IT Infrastructure and IT standards (ITIL, network technology, storage, databases, various operating systems as Windows/UNIX), and web technologies (focusing on network security).
  • Fluent Chinese and English (verbal & written communication capability.
  • Excellent communication skills and the ability to work across the organization at all levels, and geographical locations.
Cathay Pacific | Australia

We have an opportunity for a part-time (average of 30 hours per week) AME to perform aircraft maintenance on CX and third party operated aircraft. This role pivotal in ensuring that a high level of sa...

2 days ago
HKBN | Hong Kong

HKBN's Technical Trainee is an 18-month structured development programme that allow elite and tech savvy talents to build both technical & professional competences and become Information Techn...

2 weeks ago
Asia Miles | Hong Kong

Asia Miles, Asia's leading travel and lifestyle rewards programme, is now looking for an Assistant Digital Product & Technology Manager to manage our programme's core system and new applicatio...

2 weeks ago
A.S. Watson Group | Hong Kong

This role forms part of the A.S. Watson Group IT (GIT) Security function and supports the Head of Data Privacy and Information Security with implementing and executing the Information Security Risk Ma...

4 weeks ago
Towngas | Hong Kong

Founded in 1862, The Hong Kong and China Gas Company Limited (Towngas) was Hong Kong's first public utility. Today, we are one of the largest energy suppliers in Hong Kong, operating with world-class ...

1 month ago