Information Security Engineer - Security Architecture & Engineering - Assistant Vice President - 12months Contract
Hong Kong Exchanges and Clearing Limited
Hong Kong, Asia Pacific
4天前

The Information Security Engineer is responsible for designing and maintaining enterprise IT security solutions to address the organisation’s security requirements.

You will be responsible for building, running and improving the security tools in the organisations’s security platform.

You play a key role in protecting the organization. Direct report to the Information Security Architecture and Engineering Lead, this role will work closely with IT Innovation Lab, software engineering teams, IT infrastructure team, IT compliance, security operations and cyber technology risk team. Responsibilities :

  • Engineer, implement and monitor security measures for the protection of computer systems, networks and information
  • Identify and define system security requirements
  • Design computer security architecture and develop detailed cyber security designs
  • Prepare and document standard operating procedures and protocols
  • Configure and troubleshoot security systems and infrastructure devices
  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
  • Work with product vendors and suppliers to maintain and enhance existing security tooling and products
  • Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
  • Ensure that the company knows as much as possible, as quickly as possible about security incidents Requirements :
  • Proven work experience as a System Security Engineer or Information Security Engineer
  • Experience in building, maintaining and operating security systems and platforms
  • Hands on experience in a number of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, data loss prevention systems, web proxies, etc
  • Experience with network security and networking technologies and with system, security, and network monitoring tools
  • Thorough understanding of the latest security principles, techniques, and protocols (such as zero trust, etc)
  • Problem solving skills and ability to work under pressure
  • Must have strong information security technology knowledge / concepts and can effectively communicate with senior management and a broad range of technical / non-technical audiences.
  • Strong written communication skills and verbal presentations to senior management.

  • Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience.
  • Good presentation, project planning and documentation skills
  • Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network / web related protocols
  • Familiarity with application, database and operating system security
  • Familiarity with cloud security technologies (AWS or Azure is preferred)
  • Familiarity with risk / control frameworks, such as Mitre ATT&CK, D3FEND, OWASP, NIST Cybersecurity Framework
  • Familiarity in scripting or automation is an added advantage
  • Familiarity with Identity and Lifecycle management is an advantage
  • Previous experience in regulated environments is an added advantage
  • 报告这项工作
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    申請
    郵箱地址
    通過點擊“持續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。
    持續
    申請表