Back to search

IT Security Analyst (Insurance, 60k)

Hong Kong Temporary View Job Description
The IT Security Analyst will play a key role in ensuring the organization's technology systems meet regulatory and security standards. This role requires expertise in identifying risks, implementing controls, and ensuring compliance within the insurance industry.
  • 6 Months Contract
  • ISO 27001 Insurance Project

About Our Client

This opportunity is with a well-established organization within the insurance industry with a strong presence, offering a collaborative and professional environment.

Job Description

As an IT Security Analyst, your main responsibilities will include:Governance, Risk & Compliance (GRC)

  • Act as the main point of contact for internal and external IT/security audits
  • Lead and support ISO 27001 certification, surveillance, and internal audits
  • Own and maintain the Statement of Applicability (SoA)
  • Prepare audit evidence, manage auditor queries, and coordinate responses
  • Track, manage, and close audit findings and non-conformities
  • Maintain and manage the risk register and perform formal risk assessments
  • Translate technical risks into business impact for stakeholders
  • Develop and maintain security policies, procedures, and documentation
  • Drive security awareness programs, including phishing simulations



Azure / Microsoft 365 Security

  • Review and manage Microsoft 365 security controls, including:
    • Defender for Office 365
    • Intune (MDM / device compliance)
    • Data Loss Prevention (DLP)
  • Assess the effectiveness of security configurations implemented by external IT providers
  • Support security documentation and control validation for cloud environments



Security Operations & Oversight

  • Support incident response and investigations
  • Provide oversight of SOC provider performance and detection capabilities
  • Monitor security risks and ensure remediation activities are tracked and completed

The Successful Applicant

A successful IT Security Analyst should have:

  • Proven hands-on experience with ISO 27001 ISMS
  • Strong audit experience:
    • Certification, surveillance, and internal audits
    • Evidence preparation and audit responses
    • Managing non-conformities and remediation tracking
  • Experience as audit owner / primary audit contact
  • Solid experience with Microsoft 365 security controls (Defender, Intune, DLP)
  • Experience in risk management, including risk assessments and register ownership
  • Hands-on experience running security awareness and phishing simulation programs
  • Ability to communicate technical risks to non-technical stakeholders
  • Experience with NIST CSF, SOC 2, or GDPR control mapping
  • Exposure to incident response and SOC vendor oversight
  • Background in insurance or regulated industries
  • Relevant certifications such as:
    • CISA, CRISC, or CGEIT
    • Azure Security Engineer or M365 Security Administrator
    • CompTIA Security+
  • 5+ years of experience in information security, GRC, or audit roles
  • Strong communication and stakeholder management skills
  • Detail-oriented, proactive, and able to work independently
  • Comfortable working in a fast-paced, contract-based environment

What's on Offer



If you are ready to contribute to IT security and compliance within the insurance industry, we encourage you to apply for this exciting opportunity.

Contact
Agnes Chow
Quote job ref
JN-052026-7025861
Phone number
+852 25306125

Job summary

Function
IT
Specialisation
Security
What is your area of specialisation?
Insurance
Location
Hong Kong
Job Type:
Temporary
Consultant name
Agnes Chow
Consultant phone
+852 25306125
Job Reference
JN-052026-7025861

Diversity & Inclusion at Michael Page

We don't just accept difference - we celebrate it. We encourage applicants from all backgrounds to apply for this role and are committed to building inclusive, diverse workplaces where everyone can thrive. If you require any support or reasonable adjustments during the recruitment process, please let us know.