Analyst, IT Security Assurance

Job level Entry
Work exp No work experience
Education Associate Degree
Location
Within Hong Kong
Employment type Full Time
Industry Insurance / Pension Funding (MPF)
Job function Information Technology > Security / Audit
Information Technology > Technical Writing / Consulting
Published On 10/02/2020
ref. 20000025_28156

AXA HK Security Team acts a partner with AXA HK business to keep AXA and our customer data safe and provide operational resilience.

Our security team develops and implements the security strategy, in line with Group and local direction and relevant legal and regulatory requirements; and provides governance and oversight for first line security activities.

We are building a new security assurance team to support AXA HK Chief Security Officer works in collecting and maintaining up-to-date evidence in support of Hong Kong and Macau compliance and regulatory requirements. The duties of the Analyst, Security Assurance includes:-

  • Work with the Security Assurance team in responding to internal and external security assurance assessment and audit related activities (i.e. regular Local/Group reporting)
  • Support 1st line response to internal/external security audit/compliance assessments
  • Contribute to security assurance reviews in support of cyber security, physical security and operational resilience and identify security deficiencies
  • Support maintaining an efficient inventory of security documents, including local security policies, security process documents and evidence of security controls
  • Coordinate security awareness activities


Requirements:

  • 1+ years of experience in information technology
  • Degree in information system, information security, computer science or closely related field is preferred, but not mandatory
  • Problem solving skills and ability to work under pressure
  • Strong networking skills and team player
  • Good communication skills
  • Ability to apply analytical rigour in responding to audit and assessment requirements
  • Understanding of security principles, techniques, and protocols
  • Security industry certification i.e. CISA, SSCP or equivalent (preferred)
  • Fluent in English (verbal and written)
  • Fluent in Cantonese (verbal) an added advantage
  • Candidates with less experience will be considered.