Information Security Manager (InfoSec)

Job Post Information* : Posted Date 3 weeks ago(8/18/2024 11:46 PM)
ID
2024-5229
# of Positions
1
Pos. Category
Information Technology - Security
Office Location
Hong Kong - Wong Chuk Hang
Pos. Type
Regular Full Time

Overview

Mayer Brown is a leading law firm uniquely positioned to advise leading companies and financial institutions on their most complex legal needs. We have deep experience in high-stakes litigation and complex transactions across industry sectors, including our signature strength, the global financial services industry.

 

We are a collegial, collaborative and diverse firm where highly motivated individuals with an unwavering commitment to excellence receive the opportunity, support and development they need to grow, thrive and realise their greatest potential. We also encourage all our people to use their skills to support the wider community through our pro bono and community volunteering programmes. At Mayer Brown the principles of mutual respect, dignity and understanding are central to the way we work and help to provide an environment where diversity and inclusion are embraced.

Responsibilities

  • Develop and implement cybersecurity strategy, standards and procedures to govern the use of IT and protect the firm’s information system (including the development of an Incident Response Policy as well as playbooks)
  • Ensure security best practices are integrated across the firm’s IT infrastructure and operations
  • Oversee the monitoring, detection and response to security incidents and cyber threats
  • Maintain security tools and technology, ensure firewalls, data protection controls and encryption are well-functioning and up to date
  • Drive investigations and remediation of security breaches and data incidents in collaboration with the Legal Risk Management (“LRM”) team and Breach Counsel of the firm
  • Conduct periodic risk assessments to identify vulnerabilities and mitigate security risks
  • Keep abreast of related cybersecurity laws, regulations and industry standards in China and Hong Kong, and ensure the firm’s IT infrastructure and operation maintain compliance
  • Evaluate internal security policies and controls to identify areas of improvement
  • Collaborate with IT teams, LRM team and other stakeholders (where applicable) to provide security guidance on related projects
  • Work with IT team members to develop, maintain and regularly test the firm’s disaster recovery and business continuity plans
  • Develop and deliver training to educate employees on cybersecurity best practices and raise awareness
  • Stay informed on emerging threats and technology on innovative security solutions and tools
  • Perform other duties as assigned or required to meet Firm goals and objectives

Qualifications / Person Specification

Qualifications and Experience:

  • Bachelor’s degree in Cyber Security, Computer Science, Information Technology or related field
  • Minimum 8 years of relevant experience in Cyber Security Management, Technology Risk Management or IT audit with at least 3 years at managerial level. Experience from consultancy is advantageous.
  • Solid technical knowledge on security domains including Infrastructure Network Security, Application Security, Security Incident Management, Cloud Security and Threat Intelligence Analysis
  • Strong understanding of the best practices of cybersecurity management and control
  • Holder of CISSP/ CISM/ CRISC/ CISA/ CEH certification is advantageous
  • Hands on experience in managing security tools (firewalls, SIEM, SASE, DLP) would be preferred.
  • Proven ability to establish and maintain strong long-term relationships, communications and interact professionally with a diverse group of stakeholders at all levels
  • Proven ability to work on own initiative and without supervision
  • Proven change management skills and experience

Specific Technical Skills:

  • Proficiency in Microsoft Office products
  • Ability to articulate complex technologies to non-technical people and help technical people understand the business requirements better
  • Strong analytical and problem-solving skills

Performance Traits:

  • Strong written and verbal communication skills in English and Chinese, able to communicate effectively and in a professional manner with all levels of the Firm and outside vendors
  • Must possess a highly collaborative nature and demonstrate an exceptional ability to work with teams and in diverse environment, ensuring a high level of cooperation and supporting the needs of the Firm.
  • Ability to work under pressure, meet deadlines with shifting priorities
  • Must be a self-starter with a high level of initiative
  • Strong customer service skills, able to anticipate needs and exercise independent judgment
  • Strong attention to detail, organizational skills and the ability to handle multiple projects
  • A strong appreciation of value achieved through astute financial management including budget planning and operational expense management
  • A high level of discretion in preserving the confidentiality of sensitive information
  • The ability to be proactive and creative in identifying and solving problems and issues
  • Maintains confidentiality and exercises discretion
  • Exercises solid strategic thinking and problem-solving skills
  • Resilient and able to handle setbacks
  • Possesses self and team awareness – recognizes and understands both personal and team dynamics and can leverage effectively to drive results
  • Ability to act as a role model for other members of the department regarding leadership, work ethic, self-improvement and career development. Ability to mentor and guide staff towards continuous improvement mentality
  • Willingness to challenge the status quo

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed