网络安全工程师 at Matrixport

Design and maintain systems that ensure continuous adherence to industry best practices, applicable technologies, regulatory requirements, and standards such as ISO 27001, ISO 27701, SOC 1/2, NIST, and CIS Benchmarks.
Manage third-party security assessments and due diligence requests from regulatory bodies and auditors.
Perform and oversee information security and control assessments to verify compliance with internal security policies and external standards.
Evaluate existing security measures and processes to pinpoint opportunities for enhancement.

Bachelor's degree in Computer Science, Information Systems, or a related technical discipline.
Strong communication skills to collaborate with various stakeholders in English.
2+ years of work experience in Risk Assurance, Risk & Control or Governance & Compliance.
Prior involvement with at least one of the following frameworks and regulatory requirements is preferred: MAS Technology Risk Management Guidelines and Cyber Hygiene Notice, NIST Cybersecurity Framework, ISO 27001 / 27701, SOC 2, GDPR.
Strong problem-solving and project execution skills.
Professional qualification holder will be an advantage: CIPP/E (US/A/CN), CIPT, CIPM, CISA, CISSP, CRISC or ISO 27001 LA.
Fluency in both Mandarin Chinese and English is required.
Immediately available will be preferred.