We are seeking a highly skilled and detail-oriented Business Analyst with a strong background in application security to join our team in the insurance sector. The successful candidate will be instrumental in supporting our security initiatives across the application landscape, ensuring compliance with relevant regulations, and driving risk mitigation strategies.
In this role, you will work closely with internal stakeholders, technology teams, and external regulatory bodies to assess, enhance, and monitor security measures related to application development and deployment. You must have sound knowledge of security requirements within complex IT environments and demonstrate best practices for secure application architecture and lifecycle management.
Key Responsibilities:
- Collaborate with cross-functional teams to identify, assess, and mitigate security risks in applications.
- Analyse security requirements and translate them into actionable strategies and documentation.
- Support audit and regulatory compliance efforts; prepare reports and documentation for regulatory authorities.
- Work with external consultants and internal teams to implement security frameworks and standards.
- Lead or participate in security gap analyses, vulnerability assessments, and risk evaluations.
- Continuously monitor trends in cyber security, regulatory expectations, and technological advancements.
Requirements:
- Bachelor’s degree in Information Technology, Computer Science, Cyber Security, or a related field.
- Minimum 5 years’ experience as a Business Analyst with a focus on application security.
- Strong track record of working within insurance, financial services, or consultancy environments.
- Experience in liaising effectively with regulatory bodies and understanding of relevant compliance frameworks.
- Familiarity with security best practices and standards such as OWASP, ISO 27001, and NIST.
- Proven background in a Big 4 consultancy or banking environment is highly desirable.
- Excellent communication and stakeholder management skills.
- Good understanding of SDLC, Agile methodologies, and DevSecOps practices.
Location: Kowloon, Hong Kong
Salary: HKD 50,000 – 60,000 per month
This is an exciting opportunity to contribute to a dynamic IT security function within the insurance industry. If you are passionate about cyber security and keen to make a measurable impact, we encourage you to apply.
