About Us

Founded in 1956, Maxim’s Group is one of Asia’s leading food and beverage companies, operating Chinese, Western, Japanese and Southeast Asian restaurants, quick service outlets, bakery shops and cafes, and an institutional catering service. Maxim's Group also produces a range of festive products, including the award-winning Hong Kong MX Mooncakes, and is a licensee of Starbucks Coffee, Genki Sushi, IPPUDO, The Cheesecake Factory and Shake Shack in various territories. Altogether, the Group has over 40,000 employees and 2,000 outlets in HK, China, Macao, Singapore, Thailand, Vietnam, Cambodia, Malaysia and Laos.

Proud of our heritage and humbled by our success, we are committed to a sustainable and innovative future. To learn more about Maxim’s, visit www.maxims.com.hk

Summary 

Responsible for driving the company’s IT governance and security management frameworks and their on-going development. Working on reviewing and improving established IT practices and controls, engaging stakeholders for effective implementation, execution, and continuous improvements.

Responsibilities

• Establish and maintain IT group policies, standards, and guidelines based on industry best practices, company requirements, and local regulations
• Regularly review internal policies and global standards (e.g., NIST, ISO 27001, PCI DSS) to ensure ongoing compliance.
• Regularly review ITSM process flows (e.g., ISO20000 or ITIL v4) to ensure ongoing service quality.
• Assist IT teams in internal and external audits, including pre-audit review, liaison with auditors and stakeholders, and post-audit follow-up
• Conduct technical security assessments on IT and digital initiatives and projects
• Provide awareness training on relevant policies and guidelines
• Explore technical solutions to protect company assets related to information
• Investigate and manage cyber security incidents

Requirements

• Minimum 8 years or more solid experience in IT governance, security, and/or compliance areas in a sizable organization, preferably with regional presence in AP (e.g., CN, SEA)
• Practical knowledge in global standards/frameworks, such as NIST, ISO/IEC 27001, ISO20000, ITILv4 and PCI DSS
• Excellent presentation skills and proficiency in communication and interpersonal skills
• Proactive, strong problem-solving skills and ability to work under pressure
• Possession of related professional certification (e.g. CRISC, CEH, CISA or CISSP, etc.) is an advantage

Interested parties please apply with full resume, state current and expected salaries by clicking "Apply Now".

All applications and data collected will be treated in strict confidence and used exclusively for recruitment purposes. Only short listed candidates will be invited for interview. The company will retain the applications for a maximum period of 24 months and may refer suitable candidates to other vacancies within the Group.