Senior Manager, IT Governance and Architecture

The West Kowloon Cultural District Authority welcomes exceptional talent with a passion to realise the vision and mission of making the West Kowloon Cultural District a prime local and international destination for arts, culture and entertainment.

The Senior Manager, IT Governance and Architecture is responsible for leading the Authority’s critical infrastructure and systems protection, and formulating the overall computer system security management plan and operation models as the organization-level security governance framework and managing practices to safeguard the robustness and security of computing systems in the enterprise architecture.

You should be responsible for:

• performing and coordinating assessment activities regarding the organization's security posture, against regulatory requirements and industry best practices, to identify areas for improvement;

• devising and organising effective measures to beef up the current security management landscape, ensuring compliance with legislative and governance requirements including but not limited to critical infrastructure and public-facing IT system protection;

• acting as the contact point with the Commissioner’s Office for Critical Infrastructure Protection, envisioned to be setup under Security Bureau, and other governmental or statutory bodies to facilitate efficacious collaboration and incident reporting between WKCDA and applicable regulatory authorities;

• establishing and maintaining a pragmatic incident response plan to effectively manage and mitigate cybersecurity incidents;

• providing regular updates to IT management regarding the organization's risk posture and cybersecurity incidents;

• identifying stakeholders and manage their expectation through effective communication and relationship management;

• assessing and managing third-party vendors and service providers to ensure they adhere to the organization's cybersecurity standards; and

• organising training activities to promote the value and importance of cybersecurity, ensuring awareness and best practices across the organization.

You should:

• possess a Bachelor’s degree in Information Technology, Cybersecurity, or a related field; a Master's degree is preferred but not a must;

• have Minimum of 10 years of IT experience, including at least 5 years in security governance or management roles, with a demonstrable track record of managing security audits, risk assessments, threat mitigation and incident response processes;

• have relevant certifications such as CISSP, CISM, CISA, or equivalent;

• have strong knowledge of security frameworks (e.g., NIST, ISO 27001), risk management processes, and current cybersecurity threats and trends;

• have excellent knowledge of applicable laws, regulations, and industry standards related to information and cyber security domains;

• have proven ability to lead and influence team members to achieve common goals; and

• have excellent verbal and written communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.

For interested parties, please submit your application with detailed CV on or before following date. Applicants are encouraged to submit their applications as soon as possible. The review of applications will continue until post is filled.

Data collected will only be used for job application processing. Your data may be accessed by our appointed recruitment consultants who have agreed to keep confidence of all personal data in not less than the standards applicable to us. Applicants not being invited for interview within 4 weeks from the submission date may assume their applications unsuccessful.

All related information will be kept up to 24 months and all personal data will be destroyed afterwards.

For more information, please visit https://www.westk.hk or contact: