Latest Updates
Job Title
Assistant Cybersecurity Manager
Deadline
11/10/2024
ASSISTANT CYBERSECURITY MANAGER
Advises airline leadership on all matters pertaining to Cyber Security and IT Risk Management in the areas of system and data Confidentiality, Availability and Integrity.
Key Responsibilities:
In IT related functions, with a focus on cybersecurity:
- Primary cyber security liaison between IT, Tech Ops and airline operations. Responsible for the cyber security end-user training and employee cyber awareness training programs
- Owns and maintain the airline Cyber Security Risk Assessment and Programme
- Responsible for IT Incident Response Plan and drill
- Conduct IT risk and security assessments to identify security risks and follow up mitigation actions, especially to critical systems
- Deliver vulnerability scanning, various types of penetration tests for internal systems covering infrastructure, web application, mobile application regularly and report findings to senior management
- Advice in the development of security architecture, security policies, principles, and standards
- Provide support in the resolution of reported security incidents and provide leadership where required
- Maintain up-to-date understanding of the latest threats, vulnerabilities, life cycle management, mitigation, and industry best practices
- Develop security awareness material and conduct security awareness training to Greater Bay Airlines staff
Requirements:
- University graduate in IT, Engineering, Mathematics or equivalent
- 5 years in IT security field with certificate in CISSP, OSCP, CEH, GCIH or GIAC or equivalent
- Experience with common information security management frameworks, such as ISO 27001, NIST, CobiT, ITIL, PCI, are assets
- Knowledge and experience in infrastructure and networks design
- Experience in gap assessment, data privacy regulatory compliance assessment and audit, and experience with implementation of security technologies such as: Linux/Windows, VMware, Firewall, DLP, SIEM, IPS, Antimalware, Threats & Vulnerabilities monitoring, Web Proxy, ATP tools, PKI and cloud security is preferred but not mandatory
- Experience in airlines industry will be an advantage
- Strong problem solving, analytical, interpersonal and communication skills with hight proficiency of English and Chinese
- Self-motivated and able to work independently
- Candidate with more experience may be considered as Cybersecurity Manager
We offer a competitive compensation package to the successful candidate. Interested parties, please click “Apply Now” to send full resume with the latest and expected salary package to the Human Resources Department no later than 11 October 2024.
Personal Information Collection Statement
Please read the following:
- The personal data provided by you will be used by the Greater Bay Airlines Company Limited (the Company) to assess your suitability for the position you are applying for; to verify information provided by you; and, if successful, to facilitate the determination of your remuneration and benefits package.
- The completion of all items indicated on the employment application form is obligatory for the further processing of your application.
- Your personal data held by the Company will be kept strictly confidential; and will only be disclosed to the authorised persons within the Company for processing your application and/or may be transferred and disclosed to third party service providers including but not limited to the recruitment agencies to assist with the Company’s human resources functions.
- Under the Personal Data (Privacy) Ordinance, you have the right to request access to, and to request correction of, your personal data held by the Company. Such request should be made in writing and addressed to:
Personal Data Officer
Human Resources Department
Greater Bay Airlines Company Limited
12/Floor, One Citygate, 20 Tat Tung Road,
Tung Chung, Lantau,
Hong Kong - The Company has the right to charge a reasonable fee for the costs related to your request for data access, as permitted under the Personal Data (Privacy) Ordinance.
- If you have not been contacted by the Company within 8 weeks of the job posting date, you may consider your application unsuccessful. Your personal data will be kept for a period of 12 months from the job posting date, and will be destroyed thereafter.
- If you are invited to attend an interview or a test but are not further contacted by the Company within 8 weeks of your attendance of the interview or test, you may consider your application unsuccessful. Your application and test paper (if applicable) will be kept for 12 months from the date of the last interview or test attended by you, and will be destroyed thereafter.
- If your application for employment is successful, your personal data will be transferred to your personal file, to be used by the Company for employment purpose.