BT Client Security Lead in Hong Kong

Purpose of This Role

Be the point of interface for Security services for assigned customer and internal BT teams and own the security customer experience end to end:

o Primary customer interface will be with Executive Management (CxO) and Information Security Team.

o Secondary Customer Interface:

  • Infrastructure team

  • Local business units (where required)

o Internal interface:

  • Sales, Delivery, Operational and Service Management Team.

  • Senior Leadership/Management Team at regional level, on an ad-hoc basis.

Roles & Responsibilities

Be a trusted Security Advisor

o Single point of visibility into the delivery and operations of Security Services

o Run weekly Security Governance meeting with customer:

· high level overview of Security project updates

· review of on-going issues through to resolution

· presentation of monthly security reports and provide recommendations

o Review all incidents where there was a potential Security implication or breach and develop the remedial action plans where needed.

o Provide inputs/analysis from security perspective for monthly reports for other services, where required.

o Analyze and interpret technical bulletins for presentation to customer with observations and recommendations to their environment.

o Collaborate with customer on their security strategy and policies.

o Proactively provide advice, guidance and briefings on new IT Security Technologies and how it might be deployed for the customer’s benefit.

o Understand the business operations and support structures of the customer and own the selection, recommendation and improvement of Security Controls.

Lead and Own Security governance & compliance on the contract

o Ensure that Security Deliverables and Obligations laid out in the contract are met & tracked.

o Establish the appropriate Security governance framework, policies, standards, guidelines, controls and procedures are in place for the various Security services provided.

o Support compliance applicable to external regulatory standards

o Proactively own and track security specific risks in the account risk register; provide consolidated reporting & advice to customer periodically.

o Act as a point contact and manage customer’s audits relating to Security Services, including the scoping and delivery of Security audits, and manage responses and actions to address any deficiencies or control weakness identified during such audits.

o Own the Security documentation, as reflected in the contract and in conjunction with the customer, conduct regular reviews to ensure that these documentation are up to date with the current security services provided.

Be the customer’s voice within BT

o Collaborate with Program Delivery Team for high visibility of project delivery across the region.

o Provide technical inputs and high level signs-off where security services are concerned.

o Ensure that internal teams are sufficiently aware of the customer’s and BT’s Security policies, standards, guidelines, controls and procedures are complied with.

o Establish a system of regular Security assessment and carry out compliance reviews for the security services provided, verifying that BT’s compliance with the security governance framework, policies, standards, guidelines, controls and procedures.

o Collaborate with Client Service Director/Manager delivery of monthly reports to customers.

o Participate in regular internal reviews with Account/Service teams, to ensure the team are on the same page on all issues across BT issues.

o Lead on Security Service Improvement Plan with various internal Security support teams, which includes interfacing with Senior Management Team of the support teams where needed.

o Identify and develop new security opportunities to expand the business scope, in conjunction with the account team.

Required Experience

  • 8 to 10 years’ experience with a proven track record in security, preferably with a risk management and/or security assurance role.

  • A business or computer science degree with technical background and/or equivalent professional experience with industry recognized qualifications such as CISA, CISM, GSLC, CCISO, CGEIT, CISSP and working knowledge of ITIL and ISO 2700X.

Desirable Background

  • Excellent project management, written and oral communications skills desired.

  • Excellent leader & strong team player with ability to work collaboratively across various customers and internal organizations.

  • Extensive experience of stakeholder management and influencing skills, at senior level.

  • Recognized practitioner in Security Management, network and information security and people security.

  • Working knowledge of and experience in the policy and regulatory environment of information security.


Job: IT, Systems and Security

Title: Client Security Lead

Location: North East Asia-Hong Kong

Requisition ID: 65103