Cyber Security Lead
Causeway Bay, Hong Kong Island
4d ago

Business Unit

Global Information & Cyber Security


  • Ranked among the top four corporate service providers globally, Vistra is a versatile group of professionals, providing a uniquely broad range of services and solutions through our three business divisions;
  • Corporate & Private Clients, Alternative Investments and International Expansion. With over 30 years of experience in the industry, we employ over 4,500 professionals across over 46 jurisdictions throughout the Americas, Europe, Middle East, and Pan Asia Pacific.

    Key Responsibilities

  • Perform audit and security compliance checks, including vulnerability scans, configuration reviews and network traffic analysis
  • Perform security risk assessments that support business requirements, and recommend mitigations and countermeasures to address risks, vulnerabilities and threats
  • Research security enhancements and make recommendations to management
  • Stay up-to-date on information technology trends and security standards
  • Monitor and develop threat intelligence feeds
  • Ensure effectiveness of network traffic monitoring and blocking of malicious traffic
  • Analysis of email and web based threat defences
  • Forensic investigation of suspicious devices
  • Offer security subject matter expertise during design and implementation of new security products, policies, and procedures
  • Identity and access management (IDAM), and designing solutions to improve JML processes and privileged access
  • Development of patch management process across global infrastructure and services, continuous monitoring of patching levels of servers, desktops and networking devices
  • Monitor and ensure effectiveness of security solutions, including firewalls, AV, MDM and others
  • Help with DR planning and BCP framework implementation
  • Participate in audit and project management activities as required
  • Regularly monitor the ticket queue, to look for and prioritise security incidents
  • Design cyber security awareness programmes
  • Drive alignment to Group Information Security and Business Continuity Policy & Standards
  • Support and undertake Internal, External, and Supplier audits
  • Support wider Group activities in development of policies, processes, tools, and templates to efficiently deliver information security and ISO27001 certification.
  • Support the Head of Information Security in operating and maintaining the Information Security Framework and the Vistra Information Security Group that oversees it.
  • Provide security and risk consultancy on a range of IT and business projects, ensuring they are delivered with effective information security in mind
  • Work closely with key stakeholders including the Technology, Compliance, Human Resources, and the wider Business to become a trusted partner
  • Support and coordinate requests for both internal and external IT audits and in requests for proposals (RFPs).
  • Support cyber-security training and awareness within the region to increase staff security awareness
  • Manage business continuity plans, ensuring annual testing and maintenance by relevant offices in the region.
  • Technical Skills

  • Hands on experience of gateway technology alongside SIEM data analytics, interpretation and presentation with an in-depth understanding of preventative security technology, including email phishing / spam filtering / malware detection / blocking)
  • Experience with SIEM platforms such as ArcSight, Splunk, or LogRhythm
  • Full-stack knowledge from network to server
  • Used to working with third party security specialist services
  • Ability to think ahead and plan / build the infrastructure with scale and resiliency for the business
  • Knowledge of McAfee Enterprise suite including antivirus, HIPS, and rogue device detection
  • Good experience in setting up monitoring tools and integration with Service management
  • Good working Knowledge & experience on Cloud infrastructure such as MS O365, MS Azure and Email filtering
  • Good presentation, oral and written communication skills
  • Relevant Experience

  • Over 10 years’ experience within Information & Cyber Security working within a business services organisation.
  • Memberships

  • Degree educated in an IT related discipline
  • Technology certification in at least once discipline such as Microsoft MCSE, Cisco CCNA / CCNP, VMware VCP.
  • An ITIL Foundation Certificate would be an advantage.
  • An IT Security related qualification such as CISSP / CISM / CCSP.
  • Personal Profile

  • An ambitious individual who wishes to develop their cyber security career and is able to adopt a systematic approach to completing multiple tasks simultaneously.
  • General

  • The primary responsibility of the cybersecurity Lead is to ensure that the company's digital assets are protected from unauthorized access.
  • This includes the securing of systems and monitoring various logging systems to detect suspicious activity and mitigating risks before breaches or damage occurs.

  • The Cyber Security Lead is also responsible for generating reports to evaluate the effectiveness of Vistra’s security policies.
  • To preserve and enhance the Company’s reputation by endeavouring to achieve the highest standard of work at all times.
  • To create documentation for all security-related information, including cyber security incident response playbooks.
  • Finance or Professional Services sector experience
  • Strong interpersonal skill and good command of English language (written verbal)
  • Self-driven, motivated, and must be able to work independently as well as be a good team player
  • Leadership skills (role will manage at least one direct report)
  • Must be mandarin speaking
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form