About this role
Position Description This role of Data and Cyber Security Governance Lead, IT Security based out Hong Kong, to lead and manage data and cybersecurity governance initiatives & projects.
Key Areas of Responsibilities
• Revise the organization’s cyber security and data security framework, policies, standards, and procedures for cybersecurity and data handling
• Establish, implement, and enforce a comprehensive governance framework that aligns with organization’s policies defining data management, data lifecycle, data protection and data leakage protection
• Ensure infrastructure, systems and applications adhere to laws, regulations and best industry standards (e.g., GDPR, MAS, ISO 27001, NIST, Data Protection laws in China)
• Maintain audit readiness and respond to compliance assessments, audit inquiries, client questionnaires, and regulator’s requests
• Identify, assess, and prioritize cyber risks to the organization. Build an effective cybersecurity and data management framework and deploy it
• Establish governance to organization's vulnerability management program with Application and Platform teams
• Provide regular reports and dashboards on cybersecurity governance and compliance status
• Ensure full compliance to all company policies, required training and regulatory requirements
• Establish a cloud governance framework to manage CSI’s multi cloud strategy involving AWS, Azure, and Alibaba Cloud
• Assist to manage IT security portfolio at Citic Securities Intl
Requirements
• Bachelor’s degree or higher, in Computer Science or Software Engineering
• 10+ years of overall IT experience, with minimum 5 years in ServiceNow CMDB implementation and management
• Hands-on expertise in ITSM, ITOM, HAM, and SAM modules
• Strong knowledge of ServiceNow Discovery, Service Mapping, I&R, and CSDM.
• Experience integrating CMDB with AWS and Azure cloud environments.
• Proficiency in JavaScript, REST/SOAP APIs, and MID Server configuration.
• Relevant ServiceNow certifications (CIS – Discovery, CIS – Service Mapping, CSDM Practitioner, CSA/CAD) are mandatory
• Experience with governance and compliance in financial services.
• Familiarity with automation for CMDB health remediation
• Fluent in both spoken and written English. Fluency in spoken and written Mandarin is an advantage
• Excellent stakeholder management and communication skills
Stay informed on CITIC CLSA Job Opportunities Not the right fit? You can create a job alert to receive our latest job openings that meet your interest.