Position Summary

The Senior Manager - Strategy & Governance is responsible for protecting GEG's information assets. He/she will work under the supervision and guidance from the Assistant Vice President to provide support to the development, management and implementation of corporate-wide information security controls.

Primary Responsibility Plan, coordinate and drive information security programs among the teams Define a world class information security strategy for GEG, focusing on Attack Mitigation, Incident Detection, Risk Remediation, and etc Define and recommend information security policies for approval by management Align information security framework with the GEG business strategy and objectives Promote information security awareness among the GEG Lead Information Security Incident Management Process from identification, analysis, containment, eradication, communication and reporting. Working with internal and external parties to identify the root cause and design the mitigation measures Manage information security risk portfolio with IT Risk Compliance Manager, and work with other team to make sure all the risks are properly addressed Plan and manage team skills through training and acquisition of new talent where appropriate Manage, mentor and inspire the information security team members to deliver high quality results Update the management and major stakeholders with latest information security trends, threat, and solutions Communication – timely and effective communication with senior management Requirements Bachelor's degree in computer science, computer engineering, systems analysis, or a related study, or equivalent experience 6 or more years of experience in not less than one IT discipline including, but not limited to; application support, application development, data analysis, data center, servers and storage, networking, middleware, database management, IT operations, etc Excellent written and verbal communication skills with an excellent ability to communicate in English.  The ability to communicate in Cantonese and/or Mandarin will be an advantage Excellent planning and organizational skills Excellent interpersonal skills, including teamwork, facilitation and negotiation Strong leadership skills Excellent analytical and technical skills Excellent ability to translate business needs into technical requirements Excellent problem solving skills Excellent customer service skills Excellent knowledge of financial models and budgeting Excellent ability to tactfully and positively manage and maintain business relationships Have at least 5 years experiences in information security management domains CISSP or CISM is a must; CRISC or CISA certifications is an added advantage