Senior Manager - Cybersecurity

About Crystal International Group Limited
Crystal International Group Limited ("Crystal International" or the "Company"), incorporated in Bermuda with limited liability and registered by way of continuation in the Cayman Islands, is a global leader in the apparel manufacturing industry. Founded in Hong Kong in 1970, the Company and its subsidiaries (collectively, the "Group", or "we") has a diversified product categories into five segments, namely Lifestyle wear, Denim, Intimate, Sweater, and Sportswear and outdoor apparel, with leading positions in corresponding categories. The Group operates a multi-country manufacturing platform, with around 20 production facilities spanning five countries, namely Vietnam, China, Cambodia, Bangladesh and Sri Lanka.

The Group serves a group of leading global brands, through a highly differentiated "Co-creation" business model, offering value-added services and satisfying our customers through accumulated knowledge of the fashion market, promptness of service and creative innovation. We strive to produce the right products at the right time and at the right cost which is critical component to the success of our customers' global apparel brands in an ever-changing industry environment. The Group maintains a keen focus on sustainability and was ranked 17th out of 50 in the Fortune business magazine "Change the World" list in 2016. The list recognises companies across the world that have made significant social and environmental contributions.

Please visit Crystal International's corporate website at http://www.crystalgroup.com for more information.

Responsibilities:

• Develop and execute a robust cybersecurity strategy to safeguard the company's information systems, networks, and data.
• Lead the implementation and maintenance of security controls, policies, and procedures to mitigate cyber risks.
• Monitor security incidents and conduct investigations to determine the root cause, impact, and appropriate remediation actions.
• Prepare and present reports on cybersecurity metrics, incidents, and risk assessments to senior management and stakeholders.
• Coordinate with external vendors, consultants, and auditors to ensure compliance with applicable regulations and standards.
• Collaborate with cross-functional teams to ensure cybersecurity considerations are incorporated into the design and implementation of new systems and technologies.

Requirements:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Proven experience of at least 10 years in cybersecurity roles; with cybersecurity experience in the manufacturing industry is an advantage.
• Relevant certifications such as CISSP, CISM, CISA, CRISA or CEH is/are highly desirable
• Experience in conducting cybersecurity audits and working with auditors is a plus.
• Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST, NIST CSF, PCI-DSS, SOC1,SOC2, SOC3, FISMA, FedRAMP, HIPPA, GDPR, CCPA).
• In-depth understanding of network security, encryption technologies, identity and access management, and security incident response.
• Good command of English and Chinese.

Double pay, Performance bonus, Five-day work week, Medical insurance, Life insurance, Flexible Working Hours