Last Updated: 2024/04/23
Company: Information Security Industry: Casino Resorts
Responsibilities:
Ensure company Information Security Policy is compliant with Macau Cyber Security Law (MCSL) and to carried out required activities accordingly.
Enforce company Information Security Policy based on industrial standards and best practices across all company properties and locations.
Oversee security control systems to prevent or deal with violation of Information Security Policies and Standards.
Review and revise Information Security policies, procedures, standards and checklists periodically to ensure compliance to the latest standards and best practices.
Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff.
Coordinate/support internal/external audit activities; perform annual internal audit in conjunction with internal policy, regulation and governance. Ensure audit findings and corrective actions are closed out accordingly.
Review change/service request tickets in ticketing system within agreed SLA.
Remain informed on current standards, trends and issues in the information security industry.
Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks.
Support Information Security Operation Calendar activities.
Produce required dashboard for management reviews (e. Compliance, Vulnerability reports)
Requirements:
Bachelor degree in Management Information System, Computer Science or related disciplines.
2+ years of working experience in related field and with knowledge of security policies, standards, regulatory requirements such as ISO 27001, PCI-DSS, GDPR, MCSL
Fluent in written and spoken English and Chinese
Requires in depth experience and knowledge of enterprise IT concerns and technologies
Experience with managing a compliance and/or security organization, including planning and executing security policies and ds development
Strong analytical and inter-personal skills to communicate technical information to non-technical background users
Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba) and Macau Cyber Security Law is a plus