• Enforce the strict implementation of local Cybersecurity law, regulation and standard
• Lead the product and solution security matters including implementation of regulations and standardization, incident handling, security testing, etc.
• Align, coordinate and implement initiatives or project on enterprise IT security, OT security, data security and cloud/mobile security
• Drive local cybersecurity community
• Support and represent Siemens Ltd. Hong Kong for Cybersecurity topics internally and externally

In addition, this incumbent will be in dual role as Product & Solution Security Expert in our Regional Solutions & Services business unit in Greater China, covering mainland China, Hong Kong and Taiwan.

• Align with internal and external stakeholders to review and approve the end-to-end solutions offered, focus on cybersecurity
• Implement the processes and tools (i.e. Works credentials/Password management program) with periodic reviews
• Provide continuous training and learning to sales and technical teams
• Continuous review and support sales in LOA Project Classification with handover from Sales to Project and to Service teams
• Identify and report Cybersecurity-Product & Solution Security incidents to relevant country, lead country, region stakeholders
• Review all internally and externally developed and customized applications
• Perform annual Cybersecurity-Product & Solution Security maturity assessment and gap implementation
• Perform supplier qualification assessment for new suppliers
• Be the advocate on Cybersecurity-Product & Solution Security topics
• Support and coordinate activities with Cybersecurity-Product & Solution Security units
• Sparingly support Sales and Technical team in customers discussions and design review in alignment with Principal IT/OT Cybersecurity Solution Architect at RMA level

Requirements:

Individuals who meet the following requirements or possess the equivalent combination of competence and experience are invited to apply:

• Degree in Computer Science/Engineering or Business Information Technology
• At least 5 years of experience in similar roles with additional experience in the Cybersecurity, IT / or technology related fields preferred
• CISSP, CISA, CISM or CEH or related professional qualifications preferred          
• Experience in design and implementation of pragmatic protection measures in Cloud (i.e., AWS, Azure) and SaaS environments
• Solid knowledge about current threats to IT applications/services and infrastructures and are familiar with state-of-the-art protection measures
• Deep knowledge of enterprise information technology concepts and digitalization use cases
• Awareness of technology megatrends such as cloud computing and other disruptive technologies
• Ability to translate technical concepts into business-friendly terminology (verbally and written)
• Strong team player and collaborator with robust interpersonal skills
• Strong analytical skills to identify, assess and mitigate security vulnerabilities
• Experience working with various stakeholders, e.g., communication of technical topics to C-suite audiences
• Application in Information Security Frameworks (e.g., ISO 27001) preferred
• Practical experience in Enterprise Risk Management (ERM)
• Proficient in written and spoken English and Mandarin

We are an equal opportunity employer and welcome applications from all qualified candidates. Attractive remuneration package and excellent career prospects will be offered to the right candidate. Interested persons, please send your full resume and expected salary by clicking “APPLY NOW”.

Applicants not hearing from us within 4 weeks from the date of advertisement may consider their applications filed for future reference. We reserve the right to review applications received for suitability for other posts within the company. Personal data provided by job applicants will be used strictly for recruitment related purpose only. We shall retain the personal data of unsuccessful applicants for a period of 2 years.