Job ref no.: ISC/CT
CK Hutchison Holdings Limited

Group Information Security Consultant

CK Hutchison Holdings Limited

The Group Information Services Department, located in Hunghom, strives to serve the system needs of Head Office and is responsible for coordinating the information technology related services within the CK Hutchison Group. We are looking for an Information Security professional accountable to the Group Security Officer, to help identify, assess and remediate information risks associated with the use of technology in the Group through the establishment and maintenance of appropriate risk management and governance frameworks and processes.


  • Develop and maintain Information Security policies, guidelines, standards, processes and procedures for the Group
  • Work with the business units and stakeholders to facilitate information risk analysis and risk management processes, and communicate current risk posture
  • Understand, communicate and apply Information Security controls to address internal and external compliance requirements
  • Perform security risk and vulnerability assessments on IT systems, provide technical advice to ensure that all identified Information Security risks are mitigated and requisite Information Security controls are implemented
  • Lead delivery of Information Security projects
  • Provide input into Group Information Security strategy
  • Conduct Information Security awareness programmes to promote security awareness to all employees
  • Manage provisioning, de-provisioning, certification and attestation of identities and user access to applications, systems and files
  • Conduct research to evaluate new emerging technologies and maintain an up-to-date understanding of the latest threats, vulnerabilities, mitigation, industry best practices, regulations and assist in benchmarking risk management practices against other companies


  • University degree or above in IT, preferably with relevant professional qualifications such as CISSP, CISM, CCSP, SABSA etc.
  • At least 7 years of relevant experience in IT with at least 3-5 years work experience in the Information Security field
  • Experience in revamping, developing and maintaining Information Security policies, processes and procedures
  • Knowledge of ISMS, ISO27000 series and other major Information Security frameworks
  • Possess domain competencies in a number of Information Risk related disciplines, including risk management, business continuity management, privacy and compliance
  • Good problem solving and analytical skills and workshop facilitation skills
  • Ability to learn and understand new concepts quickly to keep up with new emerging technology
  • Strong communication, people management and interpersonal skills
  • Experience implementing solutions for any of the following capabilities a plus:
    • Identity and Access Management
    • Governance, Risk and Compliance
    • Web Filtering
    • Security Incident and Event Management (SIEM)
    • Endpoint Protection

Salary and benefits will commensurate with experience and competence. Please forward detailed resume with indication of expected salary quoting our reference to [via CTgoodjobs Apply Now ].

We are an equal opportunity employer and welcome applications from all qualified candidates. Personal data collected will be treated in the strictest confidence and handled confidentially by authorised personnel for recruitment-related purposes only within the CK Hutchison Group of companies.
Applicants not having heard from us within six weeks of the date of application may consider their applications unsuccessful. The personal data of unsuccessful applicants will be destroyed after the recruitment exercise pursuant to the requirements of the Personal Data (Privacy) Ordinance in Hong Kong. 

More job information
Job ref no. ISC/CT (CT3113789-01#0050)
  • N/A
Job Function
  • Hunghom
Employment Term
  • Full-time
  • 7 years - 10 years
Career Level
  • Middle management level
  • Degree