Manager, Information Security

Job Purpose:

Reporting to the Head of Information Security to support delivering information security services and carrying out information security related activities. 

Job Description of the position:

•    Conduct cyber security testing covering penetration test, Infra and Web Manage security tools
•    Manage network security system covering firewall, NAC, IPS, SIEM and etc.
•    Act as project manager role on Information security projects.
•    Support and Analyze cybersecurity incidents and make recommendations on remedial actions.
•    Define and design adequate security controls to maintain secure control environment.  
•    Provide security advisory service to stakeholders on new initiatives and development projects.
•    Implement systems and procedures to enable digital forensics capabilities
•    Maintain Cyber Incident Response plan and playbook. Conduct cyber incident response drill in regular basis.

Incumbent Requirements:

•    University graduate in Computer Science / Information Technology or equivalent.
•    Minimum 6 years of relevant work experience in information security, cybersecurity or technology risk
•    Possess one or more professional certificates : OCSP, CISSP, CISM, CCSP, CISA
•    Solid experience on penetration test, red/blue team exercise and network security including firewall, NAC, IPS.
•    Sound knowledge of regulators’ requirement on Cyber Resilience Assessment Framework (CRAF) 
•    Sound knowledge of vulnerability management and threat intelligence analysis. 
•    Strong communication in both Chinese and English; Good communication and interpersonal skills.
•    Mature, independent and able to deliver quality results under tight schedule.