職責
受聘人主要負責:
(a) 檢視資訊科技安全風險管理計劃、資訊科技安全風險評估報告和資訊科技安全審核報告;
(b) 檢視資訊科技安全遵行情況並進行必要的跟進;
(c) 參考最新的國內及國際標準和業界良好作業,研究、制定和檢視資訊科技安全政策及指引;
(d) 與業界持份者對資訊科技安全遵行相關事宜聯繫;及
(e) 協助採購、設置、維護及支援辦公室資訊科技設備、資訊系統及服務;及
(f) 執行行政工作及上司指派的其他職務。
(a) 檢視資訊科技安全風險管理計劃、資訊科技安全風險評估報告和資訊科技安全審核報告;
(b) 檢視資訊科技安全遵行情況並進行必要的跟進;
(c) 參考最新的國內及國際標準和業界良好作業,研究、制定和檢視資訊科技安全政策及指引;
(d) 與業界持份者對資訊科技安全遵行相關事宜聯繫;及
(e) 協助採購、設置、維護及支援辦公室資訊科技設備、資訊系統及服務;及
(f) 執行行政工作及上司指派的其他職務。
Successful candidates are mainly deployed to -
(a) review IT security risk management plans, IT security risk assessment reports and IT security audit reports;
(b) review IT security compliance status and conduct necessary follow-ups;
(c) research into, develop and review IT security policies and guidelines referencing the latest national and international standards and industry best practices;
(d) liaise with industry stakeholders in IT security compliance related matters;
(e) assist in the procurement, setup, maintenance and support of office IT equipment, information systems and services; and
(f) perform administrative tasks and any other duties assigned by the supervisor
(a) review IT security risk management plans, IT security risk assessment reports and IT security audit reports;
(b) review IT security compliance status and conduct necessary follow-ups;
(c) research into, develop and review IT security policies and guidelines referencing the latest national and international standards and industry best practices;
(d) liaise with industry stakeholders in IT security compliance related matters;
(e) assist in the procurement, setup, maintenance and support of office IT equipment, information systems and services; and
(f) perform administrative tasks and any other duties assigned by the supervisor
入職條件
申請人必須
(a) 持有本港大學頒授的計算機科學、資訊系統、電子工程或相關學科學士學位,或以上學歷;
(b) 符合語文能力要求,即在香港中學文憑考試或香港中學會考中國語文科和英國語文科考獲第2級,或同等成績[註(1)];
(c) 在資訊保安範疇,如資訊科技安全審核、資訊科技安全事故應變、資訊科技安全風險管理及資訊科技安全遵行具備最少5年相關工作經驗;
(d) 具備註冊資訊安全專業人員(Certified Information Security Professional, CISP)、國際電腦稽核師認證(Certified Information Systems Auditor, CISA)、國際資訊安全經理人認證(Certified Information Security Manager, CISM)、註冊資訊系統安全師(Certified Information Systems Security Professional, CISSP)等相關專業資格;
(e) 具備良好的資訊科技安全架構知識;及
(f) 具備優良的溝通技巧及良好中英文會話及書寫能力。
(a) 持有本港大學頒授的計算機科學、資訊系統、電子工程或相關學科學士學位,或以上學歷;
(b) 符合語文能力要求,即在香港中學文憑考試或香港中學會考中國語文科和英國語文科考獲第2級,或同等成績[註(1)];
(c) 在資訊保安範疇,如資訊科技安全審核、資訊科技安全事故應變、資訊科技安全風險管理及資訊科技安全遵行具備最少5年相關工作經驗;
(d) 具備註冊資訊安全專業人員(Certified Information Security Professional, CISP)、國際電腦稽核師認證(Certified Information Systems Auditor, CISA)、國際資訊安全經理人認證(Certified Information Security Manager, CISM)、註冊資訊系統安全師(Certified Information Systems Security Professional, CISSP)等相關專業資格;
(e) 具備良好的資訊科技安全架構知識;及
(f) 具備優良的溝通技巧及良好中英文會話及書寫能力。
Candidates shall:
(a) have a Bachelor’s degree or above in Hong Kong in Computer Science, Information System, Information Technology, Electronic Engineering or a related discipline;
(b) have met the language proficiency requirements of Level 2 or above in Chinese Language and English Language in the Hong Kong Diploma of Secondary Education Examination (HKDSEE) or the Hong Kong Certificate of Education Examination (HKCEE), or equivalent [Note (1)];
(c) have at least 5 years of relevant work experience in the field of information security, e.g. IT security audit, IT security incident response, IT security risk management and IT security compliance;
(d) possess relevant professional qualification(s) such as Certified Information Security Professional (CISP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP);
(e) have sound knowledge in IT security frameworks; and
(f) have strong communication skills with good command of both written and spoken English and Chinese.
(a) have a Bachelor’s degree or above in Hong Kong in Computer Science, Information System, Information Technology, Electronic Engineering or a related discipline;
(b) have met the language proficiency requirements of Level 2 or above in Chinese Language and English Language in the Hong Kong Diploma of Secondary Education Examination (HKDSEE) or the Hong Kong Certificate of Education Examination (HKCEE), or equivalent [Note (1)];
(c) have at least 5 years of relevant work experience in the field of information security, e.g. IT security audit, IT security incident response, IT security risk management and IT security compliance;
(d) possess relevant professional qualification(s) such as Certified Information Security Professional (CISP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP);
(e) have sound knowledge in IT security frameworks; and
(f) have strong communication skills with good command of both written and spoken English and Chinese.
入職條件(註)
(1) : 2007年前的香港中學會考中國語文科和英國語文科(課程乙) E級成績,在行政上會被視為等同2007年或之後香港中學會考中國語文科和英國語文科第2級成績。