The Hong Kong Examinations and Assessment Authority (HKEAA) is an independent and not-for-profit statutory body which administers public examinations in Hong Kong. Our scope of responsibility extends to administering over 200 international and professional examinations. We are looking for talented people to join hands with the HKEAA family in contributing to the provision of valid, reliable and equitable examinations and a range of assessment services to meet the educational and societal needs of the community. Applications are now invited for the following post:

Senior Officer – Information Technology (Governance, Risk and Compliance) (Ref: IT/03/229)
 
Duties: The appointee will be responsible for assisting IT manager in driving the development of corporate security governance framework and enforce system compliance. The duties include:
(a) Establish, implement, and execute the information security programmes, including IS Policy Development, Awareness Training Programmes, Information security enhancement programmes, etc;
(b) Manage the process of certifying industry IT/IS certification like ISO9001, ISO20000, ISO27001, etc;
(c) Communicate and co-ordinate IT security activities and implement Cyber Resilience Programmes; and
(d) Communicate with internal and external stakeholder in performing audit engagement, IT audit process, risk, and compliance monitoring
 
Requirements:
(a) A Bachelor’s Degree in Information Technology, Computer Science or related disciplines;
(b) At least 6 years’ working experience with minimum of 4 years in IT governance, system audit or quality assurance/control;
(c) Competent knowledge and good understanding of Information Technology / Information Security framework, standard and regulations, such as ISO 9001/20000/27001, China Security Law, Privacy Regulation, etc.;
(d) Hands-on experience in developing and enforcing policies, standards, and guidelines for corporate;
(e) Familiar with security technology in the market and with solid experience in implementing the related security controls is preferred;
(f) Holder of professional certificates in CISSP, CISA, CISM or equivalent will be advantageous;
(g) Agility, detail-minded, innovative and self-motivated with strong analytical and problem-solving skills;
(h) Good team management, project management and vendor management skills; and
(i) Strong interpersonal and communication skills to liaise with counterparties, including business and technical professionals.
 
Employment Terms:  The remuneration package will be commensurate with qualifications and experience.  Appointment will be on a fixed-term contract with contract-end-gratuity, MPF benefits, medical and dental care.  Future employment may be offered on renewable contracts subject to performance and staffing needs.
 
Date for Application Review: 3 April 2025
Applications would be considered until the post is filled.  
 
A detailed resume including your qualifications and experience, current/expected salary and earliest availability should be sent to the Manager - Human Resources, by quoting the position applied and reference number via email at itd-recruit@hkeaa.edu.hk.  Due to the secrecy nature of HKEAA's job duties, applicants invited for interview may be required to make a declaration of any conflict of interests. Applicants not notified within 8 weeks from the application review date should consider their applications unsuccessful.
 
The HKEAA is an equal opportunities employer and welcomes applications from all qualified candidates. Information provided relating to employment will be kept confidential and used only for processing applications. For details, please refer to the Policy Statement on Equal Opportunities and the Personal Information Collection Statement on the HKEAA website (www.hkeaa.edu.hk).