We are seeking an experienced Information Security Analyst to join a leading life insurer based in Hong Kong. This role will play a critical part in safeguarding the organisation’s technology infrastructure and sensitive data. As an Information Security Analyst, you will be responsible for identifying and mitigating security risks, conducting security assessments, and ensuring compliance with industry regulations and internal policies.
The ideal candidate will possess strong analytical and problem-solving abilities, in-depth knowledge of information security principles, and a solid understanding of risk management practices within the insurance or financial services sector. You will work closely with IT, compliance and business units to ensure security measures are effectively implemented and maintained.
Key Responsibilities:
- Monitor, analyse and respond to security incidents and threats.
- Conduct vulnerability assessments and penetration testing.
- Maintain security systems including firewalls, intrusion detection/prevention systems, antivirus software, and other security infrastructure.
- Assist in the development of information security policies, procedures and standards.
- Support audits and regulatory assessments by providing evidence of compliance and implementing improvements where necessary.
- Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security.
- Evaluate new technologies and tools to enhance security capabilities and reduce risk.
- Develop and maintain documentation related to security architecture, incident response and system configurations.
Requirements:
- Bachelor’s degree in Computer Science, Information Security, or related field.
- Minimum 3 years’ experience in information security, preferably within insurance or financial institutions.
- Professional certifications such as CISSP, CISM, CEH or similar are strongly preferred.
- Deep understanding of security frameworks and standards such as ISO 27001, NIST, and COBIT.
- Proficiency in tools and technologies including SIEM, endpoint protection, firewalls, and vulnerability management platforms.
- Strong communication and interpersonal skills with the ability to translate technical risks to non-technical stakeholders.
- Ability to manage multiple tasks and projects within tight deadlines in a dynamic, fast-paced environment.
- Fluent in English; proficiency in Cantonese or Mandarin is an advantage.
This position offers an excellent opportunity to contribute to the progression of cyber security in a critical industry. If you are passionate about information security and eager to make a significant impact within a reputable life insurer, we encourage you to apply for this integral position.
