Analyst - Information Security (Compliance)Ref:217533

Last Updated: 2022/08/10

Company: Information Security Industry: Casino Resorts


  • Ensure company Information Security Policy is compliant with Macau Cyber Security Law (MCSL) and to carried out required activities accordingly.

  • Enforce company Information Security Policy based on industrial standards and best practices across all company properties and locations.

  • Oversee security control systems to prevent or deal with violation of Information Security Policies and Standards. 

  • Review and revise Information Security policies, procedures, standards and checklists periodically to ensure compliance to the latest standards and best practices.

  • Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff.

  • Coordinate/support internal/external audit activities; perform annual internal audit in conjunction with internal policy, regulation and governance. Ensure audit findings and corrective actions are closed out accordingly.

  • Review change/service request tickets in ticketing system within agreed SLA.

  • Remain informed on current standards, trends and issues in the information security industry.

  • Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks.

  • Support Information Security Operation Calendar activities.

  • Produce required dashboard for management reviews (e. Compliance, Vulnerability reports)


  • Bachelor degree in Management Information System, Computer Science or related disciplines.

  • 2+ years of working experience in related field and with knowledge of security policies, standards, regulatory requirements such as ISO 27001, PCI-DSS, GDPR, MCSL

  • Fluent in written and spoken English and Chinese

  • Requires in depth experience and knowledge of enterprise IT concerns and technologies

  • Experience with managing a compliance and/or security organization, including planning and executing security policies and ds development

  • Strong analytical and inter-personal skills to communicate technical information to non-technical background users

  • Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba) and Macau Cyber Security Law is a plus