Who we're looking for
WeLab is looking for a Cyber Security Manager / Senior Manager to join the team!
What you will be doing
Ensure technologies meet security requirements including the bank’s policies, external guidelines, regulatory expectations, and appropriate controls in information security, secure design, and cyber security.
Work closely with the Infrastructure and Development teams in architecture design and review to provide specific security expertise.
Work with the CISO to define and assess the security strategies, architectures and practices.
Develop and maintain security architecture artifacts.
Act as a Security SME and provide implementation design to the application and Infrastructure team, where it will meet with the industry security standards.
Conduct Technical risk assessments to capture security exceptions and design associated compensating controls based on the assessment results.
Define and maintain the infrastructure and application security framework and provide security assessments.
Work closely with managed SOC service provider on the setup, daily operations and coordinating incident response
Evaluate and assesses new / emerging technologies to cope with changing risk of the bank’s environment.
About you :
You're a go-getter with mad juggling skills (or multiple hats) who can thrive in a fast-paced, agile environment
You have a strong thirst for knowledge and are driven to find solutions that don't exist yet
You are comfortable with ambiguity and extremely resourceful (in your past life you could've been a detective)
You always find a way to get things done without sacrificing the quality of your work, integrity and values. No task is off limits for you.
You are humble and prioritize the success of the team over your own with an eagerness to help those around you
You don't shy away from challenges and have the ability to bounce back from setbacks
What is required and what we’re looking for
Proven experience as a Cyber Security Architect or Information Security Consultant with design and architecture experience
Proven experience building security reference architecture for all-in cloud deployments and hybrid scenarios
Experience deploying applications in cloud-based platforms such as AWS, Azure, and Google Cloud
Experience with cloud security technologies and platforms such as service mesh, workload protection, workload attestation, cloud network policy and firewalls, data encryption and key management
Subject Matter Expertise in enterprise security solutions such as
Identity and Access Management
IPS and Anti-DDOS
Security Incident and Event Management
Endpoint Protection
Data Loss Prevention
Mobile Security
Cloud Access Security Brokers
Ability to evaluate technical and functional specifications and identify possible threats or areas of weakness
Experience with Incident Response within cloud environments and applications
Security Certificates in ISC2, CISM, CCSP, GIAC or equivalent
Bachelor or Master Degree in Computer Science or related field
Excellent presentation and communication skills in English, Cantonese & Mandarin would be a plus
What we offer
Competitive salary
Learning and development stipend, because we value lifelong learning and believe the best way to invest in our employees is to encourage them to continue to learn
Work hard and laugh lots (chicken wings and french toast, etc.) with a high-performing, fun and diverse team
Happiness Dollars for spending on anything that makes you happy
Coffee stipend
Conveniently located office surrounded by diverse and delicious lunch options
Lively office with gaming consoles and a ping pong table
Fun extracurricular activities with your colleagues like hiking, yoga, badminton, wine tasting, dragon boat racing, rock climbing, etc.
Employee referral bonuses 
