View job listingOur client is a sizable firm that focuses in innovation and technology.
Apply to Manager / Assistant Manager, IT Security
Our client is a sizable firm that focuses in innovation and technology.
Manager / Assistant Manager, IT Security
Responsibilities:
- Assist to develop and enforce IT securities policies, procedures, and standards
- Coordinate with internal and external auditors to perform information system audits
- Work with outsourcing vendor to provide ongoing support to security monitoring, SIEM tuning, security incident response, and investigation
- Arrange user training and activities to raise the IT security awareness to management
- Undertake risk assessments of new and existing systems to ensure security
- Work with various parties to identify solutions for security risks identified
- Provide security expertise on a variety of security enhancements and initiatives (e.g., SIEM tuning, DLP, egress filtering, virtual network segmentation, next-gen firewall, web application firewall, etc.).
- Remain current on technical developments and evolving threat landscape and advise management on countermeasures
- Identifying vulnerabilities in our current systems and providing solutions.
- Work closely with outsourcing vendors to follow up and close the vulnerabilities.
- Keeping up to date with developments in IT security standards and threats.
- Performing penetration tests to find any flaws.
- Collaborating with management and the IT department to improve security.
- Documenting any security breaches and assessing their damage.
- Educating colleagues about security software and best practices for information security.
- Continuously updating the incident response, disaster recovery plans, and business continuity plans.
- Perform other duties as assigned by the supervisor
- Bachelor’s degree in technology-related major preferred.
- A minimum of 5 years of IT experience with over three years in IT security in sizable multi-national enterprises. Commencing position will be commensurate with qualifications, relevant experience and competencies
- Ability to educate a non-technical audience about various security measures.
- An ITIL Fundamental Certification
- CISSP, CISA or CISM certification would be an advantage.
- Proven ongoing support and solid operational experience in cloud platform security (at least AWS & Azure), IT security monitoring, SIEM tuning, security program development
- Extensive knowledge of cybersecurity, SIEM, ISO27001, DLP, next-gen firewall, web application firewall. Specific technologies include but are not limited to Splunk, Appspider, Tenable, etc.
- Professional level business Chinese and English is a must, both written and verbal.
